problem integrating ACS 5.3 with Active Directory

abukuru95
Level 3

Hello All,

I am trying to integrate my Cisco ACS 5.3 with Windows Active Directory for centralised user authentication but I continuously receive a Kerberos status error.

I have checked and my firewall is open for all the ports between ACS and AD:

- Samba Port - TCP 445
- LDAP - TCP 389
- LDAP - UDP 389 (is ok)
- KDC - TCP 88
- kpasswd - TCP 464
- NTP - UDP 123
- Global catalogue - TCP 3268
- DNS 53

Any known issues on this? My NTP time is synchronized with the Active Directory.

Thanks in advance for the help.

Accepted Solutions

jrabinow
Level 7

Couple of comments:

- If you are testing ACS 5.3 with Active Directory, the recommendation is to install at least patch 4

  See: http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.3/release/notes/acs_53_rn.html#wp223684

which has the following note:

"When you install ACS 5.3 or upgrade any older version of ACS to ACS 5.3, you are strongly recommended to install the cumulative patch 5.3.0.40.4 or a later patch as a part of this installation or upgrade process. This patch includes some important fixes that are related to the upgrade process and Active Directory operations. You must install this patch if you are using Active Directory as the identity store in ACS."

Latest patch is in fact 5.3.0.40.5

- You can try the "Test Connection" button on the Active Directory GUI
