Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

ACS 4.2 patch 6 with Windows Server 2008 AD auth.

I have a totally isolated newly installed Windows Server 2008. It is the forest root, DC, GC, DNS and Netbios server and has ACS installed directly on it. When using local database in ACS user account it works great to AAA Tacacs Auth. When trying to auth a dynamic mapped user on even local user pointed to windows database I get internal error. This is killing me. My company needs to move to native 2008 and ACS is stopping it at this point. We are runing 4.2.0.124 patch 6

Any assistance is greatly appreciated. In fact it would be nice to know if this works for anyone.

5 REPLIES

Re: ACS 4.2 patch 6 with Windows Server 2008 AD auth.

Please set the logging level to full and recreate the issue and attach auth.log, failed attempts, and RDS.log.

Regards,

~JG

Community Member

Re: ACS 4.2 patch 6 with Windows Server 2008 AD auth.

Pass and fail logs with all fields selected attached. Not Sure what the RDS log is. This is still failing. Works fine for local auth but fails when passing to AD. Thanks for the look. I hate to think this is not compatible with 2008 AD.

Community Member

Re: ACS 4.2 patch 6 with Windows Server 2008 AD auth.

My network enviroment is simular to yours,but I use windows 2008 64bit and I meet the same problem too.

"Internal error"---It really make me crazy.

Thank you a lot.

Attachments is ACS Server LOG:

---------------------------------------------

Community Member

Re: ACS 4.2 patch 6 with Windows Server 2008 AD auth.

Cisco has conflicted information on this front. They are very unclear at to what exactly they support on the 2008 platform. This is unreal. I have actually begun to work on removing ACS all together for another radius platform. Microsoft NPS is working with mixed results however Cisco on many of my platforms sends malformed Radius packets to the NPS. This is after hours of packet captures to determine why a simple radius access request never gets back to the network device. Its because Cisco radius requests are broke. Very frustrating. If Cisco has anything to say on the matter it would be great but they are being very quite about ACS not working with 2008 AD.

Community Member

Re: ACS 4.2 patch 6 with Windows Server 2008 AD auth.

Hello, I meet a same problem with Windows 2003 SP2 R2 64Bits ( member of domain )

"internal Error" .

bye

563
Views
0
Helpful
5
Replies
CreatePlease to create content