I have been having some issues with an ACS express joining a domain. This device previously had joined and after a weekend we received a notice that users were not authenticating to the domain. This in turn let us to find out the the device was unable to join the domain. Further research led us to find that the account the device was using to join the domain had been disabled. However, after re-enabling the account we would only recieve domain timeouts when tried to join. I opened a case with cisco and we have tried everything under the sun to no avail. I can ping the AD server (name & ip) from the ACS express. Cisco helped me apply a root patch that allowed us to create hosts file entries on the device. I checked the system time and made sure it was within 5 minutes of the Domain controller time. In the logs of the ACS express the only thing I can really find is:
"acsxp/server Warning Server 0 is DisconnectedMode, IOException for reason, ipc socket connect; No such file or directory:
Recently we re-imaged the ACS and tried to join the domain without the old config on it and just received the same error. I reloaded the backup after that which also resulted in no change. I am starting to think that there is more of a domain issue rather than networking but am having issues finding a way to prove this via the logs. The are other ACS's configured in the network and the settings on this device match the settings on the other device in the network which are working correctly
Is there any other steps anyone can think of to troubleshoot this device?
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...