Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

least privilege of AD account and certificate migration

Hi, All:

     I want to migrate ACS from 4.2 to 5.4, but i have some questions:

     1. ACS 5.4 will combine authentication function with Microsoft AD, but the AD administrator don't give me the Admin account, what is the least privilege of Account for combining with ACS 5.4?

     2. i have some scanners, it uses PEAP+ MSChapV2 authentication method, so it will be imported certificate from CA server. if i migrate ACS 4.2 from 5.4, do i need to apply the new certificate for scanners and ACS 5.4 from CA server?

      thank you !!

Everyone's tags (3)
2 REPLIES

least privilege of AD account and certificate migration

Hi,

For the first question, the user account privs are clearly specified in the binding to AD section.

http://www.cisco.com/en/US/products/ps9911/products_configuration_example09186a0080bc6506.shtml#dfgt

For the second question, if you have the private key from ACS 4.2 you can back that up with the cert and import that into ACS 5.4 as the EAP interface.

Tarik Admani
*Please rate helpful posts*

Tarik Admani *Please rate helpful posts*
New Member

least privilege of AD account and certificate migration

Hi, Admani:

     Thanks for your reply!

168
Views
0
Helpful
2
Replies
CreatePlease login to create content