Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

ACS 4.2 - AD Cross Forest Authentication

I have a requirement to authenticate wireless users who are members of a seperate AD forest.  The domain administrators have assured me that a two-way transitive trust is inplace between the forests.  I am having problems mapping groups from the new domain to ACS groups, it "Fails to enumerate the windows groups, please check installation documentation".  I have checked and double checked our installation against the instructions and I don't think I have missed anything on that count.

I have run some packet captures of network traffic during ACS services startup, as well as when attempting to map groups and there is no traffic to domain controllers in the other domain / forest.  Is this expected?  Is this supposed to be handled by the local domain?

Any further diagnosis tips, or things to try to try and pinpoint where I have gone wrong?

Thanks,
Michael

Everyone's tags (4)
1 REPLY
New Member

Re: ACS 4.2 - AD Cross Forest Authentication

maybe i have teh same problem.

my question is: the relationship betwen domain controllers must be two-way transitive or can be configured in other way?

in other words acs requires trust relationship two-way transitive?

bye,

Luca

992
Views
0
Helpful
1
Replies
CreatePlease to create content