Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

Problem ACS 4.0 with group mapping

A customer has an ACS 4.0.27 for Windows 2k3 SP2 and added a new domain. By mapping the domain with a group of Cisco Secure should authenticate with the user of that domain and access devices group Cisco Secure, but always authentic in the group ID 0 (Default).

I deleted the mapping and created again but it does not work.

I attach part of the CSAuth.log.

2 REPLIES
Community Member

Re: Problem ACS 4.0 with group mapping

Just a few things to check...

Does the new domain have a trust relationship with the local domain for ACS? This is required.

Is the same username used in both domains? The local domain will always use the local username. If this is the case, you may need to add the domain to the username, for example newdomain/username.

Community Member

Re: Problem ACS 4.0 with group mapping

Answer the first question, yes. The new domain has a trust relationship.

the username is different, and try to login in using the following sintax, domain\username or username@domain.com, but I think that the ACS 4.0 have a bug or similar. I'll take a test with ACS 4.1, if the test is OK, I'll notice

Thanks

179
Views
0
Helpful
2
Replies
CreatePlease to create content