×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

ACS not connecting to domain.

Unanswered Question
Jul 29th, 2013
User Badges:

I have two ACS boxes that I use here at work.  The primary is working fine, but lately the secondary stopped to working.  I checked it today and it is saying that the AD connectivity status is DISCONNECTED.  I tested the connection and it is succesful.  I checked the time settings and name servers as well and they all seem to be good.  Anyone have any idea where else I should look to find the issue?  They are using version 5.3.0.40


Thanks.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jatin Katyal Mon, 07/29/2013 - 14:00
User Badges:
  • Cisco Employee,

If you have already checked the basic stuff then we can jump to adclient debugs to see whats happening.


From the ACS CLI

--------------------------


acs/admin# acs-config

Escape character is CNTL/D.

Username: GUI-USERNAME

Password:  GUI-PASSWORD

acs/admin(config-acs)#

acs/admin(config-acs)# debug-adclient enable


Duplicate the issue and run the below listed command to see the live logs


show acs-logs filename ACSADAgent.log


~BR
Jatin Katyal

**Do rate helpful posts**

ivan.martin Mon, 07/29/2013 - 14:13
User Badges:

Hi Bryan Roth


Try to update the two ACS 5.3.0.40.4 or higher version by installing a patch. There is a bug fixed in this version you indicated which resolves operating problems with Active Directory.

To rule out problems like a bug would be a good advice.

Regards

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.3/release/notes/acs_53_rn.html#wp223684

Actions

This Discussion