Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1439
Views
0
Helpful
1
Replies

Two factor authentication ACS 5.x against external Radius and Active Directory

mvoegtlin
Level 1
Level 1

‎03-23-2013 07:33 PM - edited ‎03-10-2019 08:13 PM

On ACS 5.x I'd like to authenticate against two external Directories

  1. Active Directory
  2. Black Shield Token Server (via RADIUS)

I found a description the meets mostly my requirements at

     http://blog.pbmit.com/digipass2

Has somebody an Idea how this has to be implemented on Cisco ACS 5.3?

In the identity store swwquence there's no way to implement a compound condition (if user authenticated against Directory 1 AND Directory 2 then success)

Active Directory and Cisco ACS

      This solution attempts to solve the limitation described in Solution 1. Instead of letting the Identikey server communicate directly to the AD, we use the Identikey server only to strip the PIN and OTP from the password and loop the authentication request back to the Cisco ACS to utilize its Identity Store Sequence, which can now be set to both Internal Identity Store and AD.
 

1 person had this problem
Labels:
0 Helpful
1 Reply 1

jbeltrame
Level 1
Level 1

‎09-24-2013 11:23 AM

just following up to see if there was a solution to this.  I am also interested in setting this type of scenerio out.

0 Helpful
Customers Also Viewed These Support Documents