10-27-2007 11:21 AM - edited 03-10-2019 03:28 PM
I have a Cisco Secure ACS Appliance running version 3.3. I have previously integrated Active Directory as an external database and authenticate unknown users this way. I want to map an ACS Group to an AD Group but whenever I try to do an "Add Mapping" in ACS I get an error that says "Failed to enumerate windows groups". I have searched on the error but all the documentation addresses the problem with ACS running on a Windows server, not the appliance.
10-27-2007 09:36 PM
Please make sure :
- we have installed the same exact version of RA as the ACS Software version
- Remote Agent service is running as Local System, if its installed on Domain Controller.
- Make sure that RA is registered in ACS under Network Configuration > Remote Agent
- We have selected the RA from External User Databases > Windows Database > Configure
tnx,
somishra
10-28-2007 06:48 AM
The Remote Agent is functioning properly. I can authenticate users against Active Directory. The problem is when I try to map ACS groups to Active Directory groups.
10-28-2007 06:51 AM
How many groups do you have in the AD ?
10-28-2007 06:52 AM
There are probably about 100 or so. No where near 500, at which point I think there is a problem.
10-28-2007 07:00 AM
Can you please attach the CSWinAgent logs, at the time you are trying to add the group mapping.
rgds
somishra
10-28-2007 03:19 PM
This was a bug, CSCsi59931. After going from version 3.3.2.2 to version 3.3.4.12.6 on the ACS, the problem was resolved.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: