Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

ACS 5.0 clock skew

Hi,

I have acs 5.0 and i am trying to get this with AD but when i do the test connection i have a log that say CLock skew.

I have the acs with ntp and zonetime but AD does not have ntp but the clock its almost the same. People that manage AD does not want to syncrhonize with ntp without true reason because documentation says that acs and ad should be on the same ntp but not must.

AD must have ntp?

Regards.

2 REPLIES
Cisco Employee

Re: ACS 5.0 clock skew

The error message you are getting is no doubtly due to time syncronization. ACS 5.1 has to be configured with a valid NTP server for time synchronization, preferably from where the domain controller is syncing its time but AD should be configured with NTP for time syncronization. It won'y work if you manually set the clock even though its correctly setup. Another one is a valid DNS server which can resolve internal names.

Both of them will be configured from the CLI:
http://www.cisco.com/en/US/partner/docs/net_mgmt/cisco_secure_access_control_system/5.1/command/reference/cli_use.html#wp1096003


ip name-server
http://www.cisco.com/en/US/partner/docs/net_mgmt/cisco_secure_access_control_system/5.1/command/reference/cli_app_a.html#wp1729536

Ntp server
http://www.cisco.com/en/US/partner/docs/net_mgmt/cisco_secure_access_control_system/5.1/command/reference/cli_app_a.html#wp1013780

HTH


JK


Do rate helpul posts-

~BR Jatin Katyal **Do rate helpful posts**
New Member

Re: ACS 5.0 clock skew

Hi,

It is working w/o NTP only i had to configure the same clock timezone.

But thanks for all.

Regards

7481
Views
8
Helpful
2
Replies
CreatePlease to create content