06-25-2012 10:37 PM - edited 03-10-2019 07:14 PM
We have an ACS running 4.2. I am sure that this ACS is talking to our AD database because our wireless users (using ACS as RADIUS servers) are able to log in using their Windows AD account.
However, I am not sure how ACS is integrated with AD. Our ACS is installed on a windows 2003 R2 server. I am not sure where the AD database is? ie,
if AD is on the same server as ACS
OR
on a different server [ADs managed by different group altogether :-( ].
Could you tell me:
How is the integration done between ACS and AD when both are on the same windows server?
And
How is the integration done between ACS and AD when they are on different windows servers?
I am looking for exact steps as I did not find any clear, short doc.
ACS is software installed on windows 2003 R2 server.
PS: I rate useful posts.
Thanks,
Kashish
Solved! Go to Solution.
06-25-2012 10:46 PM
Kashish,
Since your ACS is installed on a windows server that server is either a member of the domain or a domain controller itself. ACS 4.x uses the libraries that come in the bin directory in order to authenticate to the domain, if my memory serves me correct I am sure it uses ntlm authentication.
Here are the post installation tasks for acs for windows that may provide some insight based on the tasks that may help answer your question.
Thanks,
Tarik Admani
06-25-2012 11:53 PM
Just like described by Tarik, your windows machine that hosts the ACS server needs to be member of the domain as either domain member or domain server.
If you use an appliance flavor of the ACS, then there is a piece of software called remote agent that is needed to be installed on a member server (or domain server) to serve authentication requests between ACS and active directory
In both cases, the software (either ACS itself when it is installed on windows or remotea agent in case of acs appliance) does the authentication as a normal user. i.e: just like AD users authenticate. a request is sent to the domain controller and a reply is sent back to the requestor.
HTH
Amjad
06-25-2012 10:46 PM
Kashish,
Since your ACS is installed on a windows server that server is either a member of the domain or a domain controller itself. ACS 4.x uses the libraries that come in the bin directory in order to authenticate to the domain, if my memory serves me correct I am sure it uses ntlm authentication.
Here are the post installation tasks for acs for windows that may provide some insight based on the tasks that may help answer your question.
Thanks,
Tarik Admani
06-25-2012 11:53 PM
Just like described by Tarik, your windows machine that hosts the ACS server needs to be member of the domain as either domain member or domain server.
If you use an appliance flavor of the ACS, then there is a piece of software called remote agent that is needed to be installed on a member server (or domain server) to serve authentication requests between ACS and active directory
In both cases, the software (either ACS itself when it is installed on windows or remotea agent in case of acs appliance) does the authentication as a normal user. i.e: just like AD users authenticate. a request is sent to the domain controller and a reply is sent back to the requestor.
HTH
Amjad
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide