LMS INTEGRATION WITH REDUNDANT ACS

juliocarossella
Level 1

Hi dear people:

We want to integrate (full integration: authentication & authorization) LMS (ver 3.1) with a redundant ACS (ver 4.2).

Is there any procedure or white paper to do it? (I am aware of this wp: http://www.cisco.com/en/US/prod/collateral/netmgtsw/ps6504/ps6528/ps2425/prod_white_paper0900aecd80613f62.html)

My question is aimed at the way the integration is done when two ACS servers are involved.

As both (IP or hostname) servers are configured in LMS, does it try both ACS?

And if so, are LMS apps enabled in both ACS? Or is it done only in the first, and the second receives the configuration at replication time?

I suppose that there are different ways to do it, isn't it?

a) Maybe the least-effort way could be integrating with one ACS server first (configure only the primary ACS server in LMS), then forcing replication to the second ACS, and finally adding the second ACS server in the LMS configuration.

b) Another should be configuring LMS parameters in the primary ACS server, then forcing replication, and finally integrating by configuring both ACS servers in LMS.

Dear people, could you send your experiences and considerations to avoid mistakes in this task?

Thanks a lot.

Julio

1 Accepted Solution

Joe Clarke
Cisco Employee

The best way to do this is to first integrate with the primary ACS server.  Install the application data to this server.  Then force a replication from the primary to the secondary.  Then, add the secondary server address to LMS but do not re-register the applications.  LMS will try and authenticate/authorize to the main server.  If that server is unreachable, it will fall back to the secondary server.

Thanks a lot, Joseph!!

As usual, a flawless answer!

Cheers,

Julio
