Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Group mapping problem with AD after an upgrade 3.3 => 4.1(3)

Hello,

I have a problem of "group mapping" after an upgrade of ACS 3.3 => 4.1(3) Build 12 Patch 3.

Before the upgrade, it was working.

In "external user databases", I have a connexion to the active directory 2003 domain.

The ACS can list all the group of the domain. When a user authenticate, the password is well checked but for the ACS, the user is always in the NT group 'user' (even if the user is not in this group).

Exemple :

NT group : "VPN" => ACS group "VPN"

NT group : "user" => ACS group "user"

When a user A (in NT : only in the group 'VPN') is authenticated, the ACS will put this user in the group 'user'.

I don't know if I am realy clear .?.! :-)

Thank's everybody for the help.

Phil

3 REPLIES

Re: Group mapping problem with AD after an upgrade 3.3 => 4.1(3)

check if this applies,

CSCsk08313 : ACS 4.1 group mapping fails

Regards,

Prem

New Member

Re: Group mapping problem with AD after an upgrade 3.3 => 4.1(3)

(Thank you Prem for the fast answer)

It is what I thought in the begining, but I found that the ACS act like if he always received the group 'User' from Active directory. It's stange...

Regards,

Phil.

Re: Group mapping problem with AD after an upgrade 3.3 => 4.1(3)

Yes I cannot deny that, as it might something relating to that as well. As all the users are memebers of Domain Users, may be that is being returned or fetched, but other member ship information is not.

Strange - True :)

Regards,

Prem

110
Views
10
Helpful
3
Replies