
ACS integrated with Microsoft AD -- Internal error

shibindong
Level 1

Hi all,

We have an ACS server, used as a TACACS server, that needs to be integrated with MS AD.

After configuring the external DB in ACS, we are still not able to authenticate using an AD account, and we found "Internal error" in the "failed attempts" log on the ACS server.

According to Cisco, the internal error is coming from Microsoft. Has someone come across the same problem before? Any solution?

3 Replies

smalkeric
Level 6

If your usernames and passwords are on an external database like AD, you can use a feature called RADIUS with expiry on concentrators; however, any kind of password change feature is NOT supported when your NAS is a PIX firewall.

Below is the link for RADIUS with expiry with Cisco Secure ACS for VPN users through 3000 series concentrators:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2284/products_configuration_example09186a00800946b9.shtml

Thanks for your reply. This is not exactly what I wanted.

akemp
Level 5

So you've configured an external database; that's a start. Have you added mappings from the AD domain to the ACS groups? Have you configured those ACS groups to allow access?

What config are you using on the devices to authenticate, authorize and account?