cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1134
Views
0
Helpful
1
Replies

ACS server no longer authenticating

Colin Higgins
Level 2
Level 2

Not sure which forum to put this in, but here it goes

I have a Cisco ACS server 4.1 that provides authentication to routers and switches on my network via tacacs+

The software was installed on a Windows 2003 domain controller, but we had to do a dcpromo to make it a standard domain member server.

Now the ACS server no longer accepts authentication requests

Has anyone see this before? Can I fix it?

1 Reply 1

Colin Higgins
Level 2
Level 2

OK, I can add a little to this:

ACS server service account has been given rights to log on locally, act as part of the OS, and to log in as a service. The machine seems to be correctly on the domain, and the domains show up in the database field within ACS when configuring authentication. The DNS servers were also changed on the ACS server to point to our new DNS (which is working fine for all other machines).

When I try to authenticate against ACS from a router, I see a message in the auth.log saying windows authentication failed with a code of 6L

So my question is, what has changed? What am I missing?

Review Cisco Networking for a $25 gift card