Cannot Retrieve Active Directory Groups

Murtaza Haider · ‎08-26-2014

Hi All

I recently connected my ACS deployment to Active Directory 2003. However when I try to add the active directory groups for group mapping, i.e. navigating to Users and Identity Stores > External Identity Stores > Active Directory > Directory Groups Tab and click select.

My GUI on IE just loops and does not display anything(it does not freeze). On Firefox I receive "The connection was reset" error.

Any ideas?

Thanks in Advance

Saurav Lodh · ‎11-17-2014

what is the ACS version? here are few Tshoot steps

https://supportforums.cisco.com/document/111776/acs-5x-debugging-ad-related-issues

nspasov · ‎11-17-2014

Do you have the proper AD permissions set for the AD account used to join ACS to the domain?

Note: AD account required for domain access in ACS should have either of these:

Add workstations to domain user right in corresponding domain.
Create Computer Objects or Delete Computer Objects permission on corresponding computers container where ACS machine's account is created before joining ACS machine to the domain.

Thank you for rating helpful posts!

Venkatesh Attuluri · ‎01-20-2015

https://supportforums.cisco.com/discussion/11505326/acs-integration-microsoft-active-directory-services

http://www.cisco.com/c/en/us/support/docs/security/secure-access-control-system/113571-acs5-ad-int-config-00.html