Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Community Member

Cisco ACS

Currently we use debian radius to authentice users. We have about 15000 users (wired, wireless and VPN remote users).

Does any one know how many users can ACS support? and how does Cisco charge for user licenses?

Also, is it compatible with Windows active directory?

How does your system authenticate users? Is it feasible with ACS? Is ACS the right product? Are there any other product which support this?

Thanks for your input.


Re: Cisco ACS


It all depends on the deployment methods you choose when you install your ACS.

ACS can easily be integrated with your AD for authentication purpose but you need a separate middleware called remote agents if you make use of ACS appliance instead of ACS application on a Windows server.

You can integrate all your device authentication / Wireless authentications to the ACS which in turn can pick all the details from the AD server farms.

do refer the below link for more info.


Community Member

Re: Cisco ACS

From what I know, ACS isprimarily use for user authentication to network devices?

I dont have a clear picture of how ACS interact with microsoft Active Directory LDAP, my understanding is that, when user request network access, it then direct to ACS server, ACS then direct to Active Directory and search for user attributes, so basically ACS use as a hub between end-users and LDAP.

Pls correct me if I'm wrong,



Re: Cisco ACS

ACS will only grab the user's group memberships from LDAP or AD in order to run an internal group mapping. In ACS you create a group structure that is relevant for network access (ie stuff like ACLs, access restrictions etc) rather than pull stuff out of AD.

CreatePlease to create content