Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Issue in multi domain authentication in ACSE


We have Cisco ACSE 1112 and would like to do the 802.1x authentication using multiple domains. The windows 2003 standard edition OS is used for domains. The two way trust is created between win 2003 domains and able to view the other domain users after created the trust.

The ACSE remote agent is installed on one of the domain server and ACSE detects all domains which are connected through trust relationships. But when trying "add mappings" in the ACSE, it is displaying error like "failed to numerate Windows groups. If you are

using Active Directory consult the installation guide for information."

The windows groups are displayed only gor the domain where the remote agent is loaded.

Is it necessry to have windows 2003 enterprise edition or windows 2003 standard edition is enough to do the above task? Is there anything to do specific in creating trusts?

Kindly help me to resolve the problem.




Re: Issue in multi domain authentication in ACSE

ACS solution Engine supports multiple domain authentications using one CSA installed. For this to happen; you need to have a two-way trust relationship between the CSA domain and all other domains. In that way, the ACS will be aware of all users and groups in those domains.