Cisco ACS and Active Directory multiple domains connection

Nov 2nd, 2009


I am trying to set up an external Active Directory database connection with Cisco ACS. I have a large forest and 3 tier domains within. I am planning to set up an external database via the Generic LDAP option. The reason for doing it this way is that I cannot set it up via the Windows user database option; more precisely, I cannot join my Cisco ACS server to the domain. My problem is that I have various OUs which contain my users, and it will be too complicated to set up a separate LDAP connection for every single OU within my forest.

Is there any way of connecting to AD at a higher level without pointing to every Base DN where users are?

Many thanks,


Jagdeep Gambhir Mon, 11/02/2009 - 09:37

You can point root as Base DN, so that it starts checking from root.

It can cause authentication delay in case the DB is huge.



Do rate helpful posts

KarimovaFiruza Mon, 11/02/2009 - 09:44

Hi Igambhir,

Thanks for your prompt response. Are you saying that I can point to let's say dc=local, dc=com, instead of ou=example, dc=local, dc=com?

Many thanks,
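
An added example, not part of the original thread and not Cisco ACS code: given the DNs of users scattered across OUs, it computes the highest container that still covers all of them, which is the value to try as Base DN instead of one entry per OU. The DNs are constructed samples and the function names are hypothetical; bases are computed per `DC=` suffix because each AD domain is its own directory partition.

```python
def split_dn(dn):
    """Split a DN into RDNs, keeping backslash-escaped commas inside a value."""
    rdns, cur, esc = [], [], False
    for ch in dn:
        if esc:
            cur.append(ch); esc = False
        elif ch == "\\":
            cur.append(ch); esc = True
        elif ch == ",":
            rdns.append("".join(cur).strip()); cur = []
        else:
            cur.append(ch)
    rdns.append("".join(cur).strip())
    return [r for r in rdns if r]

def domain_of(dn):
    """Return the trailing DC= components (the domain naming context), lowercased."""
    dcs = []
    for rdn in reversed(split_dn(dn)):
        if not rdn.lower().startswith("dc="):
            break
        dcs.append(rdn.lower())
    return ",".join(reversed(dcs))

def common_base_dn(dns):
    """Deepest container shared by all users: compare parent RDNs right to left."""
    parents = [split_dn(d)[1:] for d in dns]      # drop the user's own CN
    base = []
    for column in zip(*(reversed(p) for p in parents)):
        if len({r.lower() for r in column}) != 1:  # RDN compare is case-insensitive
            break
        base.append(column[0])
    return ",".join(reversed(base))

def bases_per_domain(dns):
    """One Base DN per domain instead of one per OU."""
    groups = {}
    for dn in dns:
        groups.setdefault(domain_of(dn), []).append(dn)
    return {dom: common_base_dn(members) for dom, members in groups.items()}

# Constructed sample DNs (not from the thread).
SAMPLE_USERS = [
    "CN=Alice Smith,OU=Staff,OU=London,DC=local,DC=com",
    "CN=Jones\\, Bob,OU=Contractors,DC=local,DC=com",
    "CN=Carol,OU=Sales,OU=Users,DC=emea,DC=local,DC=com",
    "CN=Dave,OU=Support,OU=Users,DC=emea,DC=local,DC=com",
]

if __name__ == "__main__":
    for domain, base in bases_per_domain(SAMPLE_USERS).items():
        print(f"{domain}: Base DN = {base}")
```

A base narrower than the domain root, where the users allow it, keeps the subtree search smaller, which is the delay the reply above warns about.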


