ACS 4.2 group mapping trusted domains

Unanswered Question
Feb 3rd, 2010

hi guys,

i must add group mapping in windows database set up with trusted domains (not int same forest) in windows 2008 server.

in the windows database configuration i can see the domains and add it for the list for external database.

after go in group mapping set up, and check the add group maping on trusted domains.

i have also add the computer name on the acs run in the group "RAS and IAS SERVERS group" in the trusted domain. is correct or must add the computer in the other group domain??

this the error witch occur whe check add group mapping:

"Failed to enumerate Windows groups. If you are using AD consult the installation guide for information"

some idea to resolve?

thx,

bye

Luca

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Ganesh Hariharan Wed, 02/03/2010 - 02:00

hi guys,

i must add group mapping in windows database set up with trusted domains (not int same forest) in windows 2008 server.

in the windows database configuration i can see the domains and add it for the list for external database.

after go in group mapping set up, and check the add group maping on trusted domains.

i have also add the computer name on the acs run in the group "RAS and IAS SERVERS group" in the trusted domain. is correct or must add the computer in the other group domain??

this the error witch occur whe check add group mapping:

"Failed to enumerate Windows groups. If you are using AD consult the installation guide for information"

some idea to resolve?

thx,

bye

Luca

Hi Luca,

Check out the below link on group mapping in ACS hope that helps out your query !!

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.1/user/GrpMap.html#wp940538

If helpful do rate the post

Ganesh.H

tech-intercom Wed, 02/03/2010 - 02:15

my configuration on acs is correct.

my doubt is for Active directory trust relationship.

how must configure my trust relationship on AD for permit add group mapping on acs.

another problem, maybe, is that i have two server, domain controller, with 2003 and 2008 server.

help please!

Luca

Actions

This Discussion