cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
593
Views
0
Helpful
3
Replies

CiscoSecure ACS and Windows 2003 AD forest

wadeh
Level 1
Level 1

I am looking to configure ACS to map users to a ACS group from multiple domains in a single forest. Is there a way to create this mapping so that you don't have to configure a "WAN Team" (for example) group in every domain in the forest that has members? Is it possible to add other domain users to a domain local or universal group and get them to authenticate?

We are running an ACS 3.3.2 appliance. Right now our main concern is authenticating access to network devices.

3 Replies 3

didyap
Level 6
Level 6

I think the only option is to create groups in each domain and map them to an ACS group.

I did verify with TAC that the only current option is to create the groups in each domain individually. The did mention that support for Universal AD groups should be available in the next ACS release, but I haven't been able to get an ETA on that release.

Cisco ACS 3.3.3 should be available now, or the next few weeks. As far as ACS 4.0, that is scheduled to be released in mid July.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: