05-12-2010 10:51 PM - edited 03-10-2019 05:08 PM
05-13-2010 04:47 AM
Cao,
Make sure that the remote domain name (B.com) you specified in the database group mapping screen is the NETBIOS name, not the AD domain name. If you enter "cisco.com" as the domain name, it will fail.
If this is already OK, then you have a permissions issues. The ACS services (running on A.com member server) must be running as a user that can read all user/group properties on the target domain. Normally this user should be a part Domain Admin group.
In the below listed link please focus on the Step 2 Add CISCO workstation.
Step 2 Add CISCO workstation
In the local domain, and in each trusted domain and child domain that ACS will use to authenticate users, ensure that:
•A computer account named CISCO exists.
•All users that Windows will authenticate have permission to log in to the computer named CISCO.
Rgds,
JK
Do rate helpful posts-
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide