Re: ACS and Domain Level

IrishMann · ‎01-05-2011

Hello All,

Since I recently updated my MS AD domain lever from 2008 to 2008 R2, my ACS AD authentication no longer works. It appears the Cisco client does not support a 2008 R2 Domain Level. Has anyone ever reverted backwards ?

Cheers

Colin

Surendra BG · ‎01-05-2011

Hi,

I assume the EAP flavour that we are using is added in the authentication methods..

Also change the radius keys on both the ends and see if that helps..

Also please check the server self signed cert as well.. just to double check

and few days back was researching on the issue and found the below link as well

http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/2000_Server/Q_26295914.html

lemme know if this answered your question..

Regards
Surendra
====
Please dont forget to rate the posts which answered your question and mark it as answered or was helpfull

Regards
Surendra BG

Federico Ziliotto · ‎01-05-2011

Hi Colin,

Could you please clarify which version of ACS you are using?

For example, if this is ACS 4.2 appliance with a remote agent installed on the Windows server, then Windows 2008 is not supported:
http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_solution_engine/4.2/installation/guide/remote_agent/rawi.html#wp308532

If this is ACS 5.2, then Windows 2008 R2 should be supported:
http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.2/user/guide/users_id_stores.html#wp1248491

Regards,

Fede

--
If this helps you and/or answers your question please mark the question as "answered" and/or rate it, so other users can easily find it.