ACS 3.2 for Windows and MS Windows AD Directory Integration Problem

Unanswered Question
Sep 24th, 2007

Dear all,

We have some issues while integrating Windows AD with ACS 3.2 for Windows.Currently we have done the following:

1. Installed ACS 3.2 for Windows on Windows 2003 Enterprise with SP1

2. ACS and Domain Controller are configured on the same server

Checked and verified the following configurations

1. created a domain user "csacs" selected Act as a part of operating system and log on as a service enabled for this user.

2. Enabled all the CS services to log on as a user csacs.

But I noticed CS services are not respdonding and gives the error as "Could not able to start the service with service specific error ..." while trying to start services manually on ACS.

Kindly help me through this integration part

An easy and handy Step wise procedure on configuring integration of AD with ACS 3.2 on both Domain Controller and on Member server will be of great help.

Thanks

Kind Regards,

Ahmed

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Jagdeep Gambhir Mon, 09/24/2007 - 04:41

Ahmed,

It seem to be hardware incompatibility. ACS 3.2 is not supported on Win2003 SP 1.

I would suggest you to use 3.3.3 or 3.3.4.

Regards,

~JG

magurwara Tue, 09/25/2007 - 02:02

I think jgambhir might be right. However, I suggest you keep it simple and give csacs account full administrative rights.

It is a fact that even ACS 4.0 has problems with 2k3 SP1 in dual-processor environments. Is your W2k3 hardware dual processor?

kevin.jones1 Tue, 09/25/2007 - 07:10

I have no issues running Cisco ACS version 3.2 on Windows

Server 2003 with SP2:

1) create user test1 in MS Active Directory and put test1

in users group with dial-in access granted,

3) Create a group called "LDAP". Actually I renamed

group name "group 1" to "LDAP".

3) in ACS external user database configuration, I specified

domain "CCIE" as for this. unknow user policy is to use

Windows Database configuration,

4) Configure the database configuration in ACS to point

to "CCIE" windows domain,

5) setup the ACS to authenticate one of your Cisco devices

and log in using the MS windows account,

By the way, mgurwara, you are wrong. I run Cisco

ACS 3.2 on windows 2003 Enterprise Edition with Service

Pack 2. I am running it on a Dell Optiplex Gx240

(1.7 GHz with 512MB of RAM) and it is running fine.

I use it to manage about 20 cisco devices and

about 200 Wireless LEAP user(s). Furthermore, I am also

running ACS 4.1 on another identical hardware. It has

nothing to do with the hardware. I don't know where

you get that information from.

Jagdeep Gambhir Tue, 09/25/2007 - 09:05

Kevin,

It is good to know that acs 3.2 is running fine on win2003 SP 2, but actually it is not supported.

Not supported here does not mean that it is not going to work at all. It may work fine but there is no guarantee that it will continue to work. Somewhere down the line it can show some abnormal behavior.

Regards,

~JG

kevin.jones1 Tue, 09/25/2007 - 09:11

hi,

I realized that it is NOT supported but

the point I am trying to make here is

that it has nothing to do with the

hardware. ACS 3.2, 4.0 or 4.1 will work

just fine on a Dell Desktop. It does

not require beefy hardware. That's the

point I try point out.

Regards,

Actions

This Discussion