Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Authentication of users from multiple AD forests

We have a client who has 3 (three) AD forests. Is it possible to have one ACS server authenticate VPN users from all these forests using their AD credentials?

If yes, please provide the URL link of the document that has details about the above configuration.

Regards

Raj

1 REPLY
Silver

Re: Authentication of users from multiple AD forests

Support for LDAP authentication with Microsoft AD forests containing multiple trees relies exclusively on the approach described above. Therefore, support is limited to deployments where the UPN suffix of a user corresponds to the root domain of the tree where the user resides. If the UPN suffix is disjointed from the actual namespace of the tree, it is not possible to authenticate Cisco Unified CallManager users against the entire Microsoft Active Directory forest. (It is, however, still possible to use a different attribute as user ID and limit the integration to a single tree within the forest.)

153
Views
0
Helpful
1
Replies
CreatePlease login to create content