05-05-2010 03:20 AM - edited 03-10-2019 05:06 PM
Currently we use debian radius to authentice users. We have about 15000 users (wired, wireless and VPN remote users).
Does any one know how many users can ACS support? and how does Cisco charge for user licenses?
Also, is it compatible with Windows active directory?
How does your system authenticate users? Is it feasible with ACS? Is ACS the right product? Are there any other product which support this?
Thanks for your input.
05-05-2010 03:41 AM
Hi
It all depends on the deployment methods you choose when you install your ACS.
ACS can easily be integrated with your AD for authentication purpose but you need a separate middleware called remote agents if you make use of ACS appliance instead of ACS application on a Windows server.
You can integrate all your device authentication / Wireless authentications to the ACS which in turn can pick all the details from the AD server farms.
do refer the below link for more info.
regds
05-05-2010 10:22 AM
From what I know, ACS isprimarily use for user authentication to network devices?
I dont have a clear picture of how ACS interact with microsoft Active Directory LDAP, my understanding is that, when user request network access, it then direct to ACS server, ACS then direct to Active Directory and search for user attributes, so basically ACS use as a hub between end-users and LDAP.
Pls correct me if I'm wrong,
Cheers
05-05-2010 11:34 AM
ACS will only grab the user's group memberships from LDAP or AD in order to run an internal group mapping. In ACS you create a group structure that is relevant for network access (ie stuff like ACLs, access restrictions etc) rather than pull stuff out of AD.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: