Cisco ACS and Active Directory multiple domains connection

KarimovaFiruza · ‎11-02-2009

Hi,

I am trying to set up an external Active Directory database connection with Cisco ACS. I have a large forest and 3 tier domains within. I am planning to set up an external database via Generic LDAP option. The reason for doing it this way as i cannot set it up via windows user database option, more precisely I cannot join my Cisco ACS server into domain. My problem is that i have various OUs which contain my users and it will be too complicated to set up a separate LDAP connection for every single OU within my Forest.

Is there anyway of connecting to AD at higher level without pointing to every Base dn where users are?

Many thanks,

Firuza

Jagdeep Gambhir · ‎11-02-2009

You can point root as Base DN, so that it starts checking from root.

It can cause authenticate delay incase db is huge.

Regards.

~JG

Do rate helpful posts

KarimovaFiruza · ‎11-02-2009

Hi Igambhir,

Thanks for your prompt response. Are you saying that I can point to let's say dc=local, dc=com, instead of ou=example, dc=local, dc=com?

Many thanks,

Firuza

Jagdeep Gambhir · ‎11-02-2009

Yes, that should work.

Regards,

~JG

Do rate helpful posts

KarimovaFiruza · ‎11-02-2009

Ok, I will try that and see how it goes.

Many thanks,

Firuza