ACS 4.2 patch 6 with Windows Server 2008 AD auth.

Unanswered Question
Oct 24th, 2008

I have a totally isolated, newly installed Windows Server 2008. It is the forest root, DC, GC, DNS and NetBIOS server and has ACS installed directly on it. When using the local database in ACS for the user account, it works great for AAA TACACS auth. When trying to auth a dynamically mapped user, or even a local user pointed to the Windows database, I get an internal error. This is killing me. My company needs to move to native 2008 and ACS is stopping it at this point. We are running 4.2.0.124 patch 6.


Any assistance is greatly appreciated. In fact it would be nice to know if this works for anyone.

Jagdeep Gambhir Fri, 10/24/2008 - 16:33

Please set the logging level to full and recreate the issue and attach auth.log, failed attempts, and RDS.log.



Regards,

~JG

jasonmcl Mon, 10/27/2008 - 08:19

Pass and fail logs with all fields selected are attached. Not sure what the RDS log is. This is still failing. Works fine for local auth but fails when passing to AD. Thanks for the look. I hate to think this is not compatible with 2008 AD.



chen.junyi Sun, 11/16/2008 - 19:40

My network environment is similar to yours, but I use Windows 2008 64-bit and I meet the same problem too.

"Internal error" --- it really makes me crazy.


Thank you a lot.

Attached is the ACS Server log:

jasonmcl Mon, 11/17/2008 - 07:30

Cisco has conflicting information on this front. They are very unclear as to what exactly they support on the 2008 platform. This is unreal. I have actually begun to work on removing ACS altogether for another RADIUS platform. Microsoft NPS is working with mixed results; however, Cisco on many of my platforms sends malformed RADIUS packets to the NPS. This is after hours of packet captures to determine why a simple RADIUS access request never gets back to the network device. It's because Cisco RADIUS requests are broken. Very frustrating. If Cisco has anything to say on the matter it would be great, but they are being very quiet about ACS not working with 2008 AD.

JACKY NIGLIO Sat, 11/29/2008 - 14:45

Hello, I meet the same problem with Windows 2003 SP2 R2 64-bit (member of domain).


"Internal error".

bye
