Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
663
Views
0
Helpful
2
Replies

Domain Admin accout for ACS

xianglingzj
Level 1
Level 1

‎05-09-2008 12:12 AM - edited ‎03-10-2019 03:50 PM

Hi, Everybody. Recently I am installing ACS for one of my customer who can not give me the domain administrator account to run ACS service. Anyone knows that is there any workaround for this? Thanks.

Labels:
0 Helpful
2 Replies 2

smahbub
Level 6
Level 6

‎05-15-2008 05:52 AM

It's mandatory to have the domain administrator account to run ACS service.Without domain administrator account the ACS service cannot be used.

Refer the ACS config gide in the url below:

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2/installation/guide/windows/install.html

0 Helpful

andypalfrey
Level 1
Level 1
In response to smahbub

‎07-09-2008 08:24 AM

The doc says that BUT We have it happily running with the ACS service account as a member of "domain users" only, membership of the local admins group on the ACS server(s) and additional user rights granted via GPO - "log on as a service", "log on as a batch job", "act as part of the operating system" - It all depends on the DACLs set on AD - the ACS account needs to be able to bind to AD and read attributes.

Regards

Andy

0 Helpful
Customers Also Viewed These Support Documents