Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ACS 5.3 AD integration questions

Hi All,

We have two ACS 5.3 appliances in Sync mode with some local users, devices, groups, etc. I need to join the ACS to the Active Directory. I have a couple of questions, can you help me please?

 

1) We have one Parent Domain and three child domians, I need client from all three child domains to be able to authenticate on ACS, should I join the ACS to the parent Domain, or is it possible to connect ACS to three child domains?

2) Will joining ACS to the AD affect the current (local) configuration, will the local users somehow lose access to some devices, or some devices will disappear? Or is it a safe procedure?

3) Another quick question, I can access the WEB UI, but cannot SSH (putty) using the same credentials, am I doing anything wrong?

 

Thanks!

Everyone's tags (1)
1 ACCEPTED SOLUTION

Accepted Solutions

1) Join it to the parent

1) Join it to the parent domain and you can authenticate from parent and child both.

-- Parent and child have default two way trust which is what is needed.

2) No, and it is safe.

3) SSH creds are different than the web GUI.

this is usually set when you install the ACS software.

if you forgot it, perform password recovery using the DVD.

Rate if Useful :)

Sharing knowledge makes you Immortal.

Regards,

Ed

1 REPLY

1) Join it to the parent

1) Join it to the parent domain and you can authenticate from parent and child both.

-- Parent and child have default two way trust which is what is needed.

2) No, and it is safe.

3) SSH creds are different than the web GUI.

this is usually set when you install the ACS software.

if you forgot it, perform password recovery using the DVD.

Rate if Useful :)

Sharing knowledge makes you Immortal.

Regards,

Ed

64
Views
5
Helpful
1
Replies
CreatePlease login to create content