06-15-2009 10:21 AM - edited 03-10-2019 04:32 PM
Hello,
I have 2 ACS SE boxes set up. One is the master, the other gets a copy of the DB via replication and is located in a different geographical area. I want failover for authentication and have installed the Windows agent on a server in the same network as the primary SE box and same for the secondary.
When I set up the agent that is on the network of the secondary, I set the ConfigproviderHost to be the secondary ACS SE box address. I'm wondering if this is accurate now since the agent does not show up with Windows Authentication but only Windows Logging when both were selected at install.
No changes were made to csagent.ini directly.
Should I point the windows agent on the secondary ACS SE's network to the Primary ACS SE's address for the "ConfigProviderHost"? I would like failover for the agents as well, if possible.
thanks
07-15-2009 05:01 PM
Hello,
I just read your post and would like to know where do you get the "windows agent" from. I also have two acs se boxes and we have just started to move to a domain and active directory. Information about how to use AD for authentication is hard to find.
I am running 4.0 on the acs se.
Thanks for any info you can offer.
07-17-2009 05:57 AM
Hi BM,
Windows agent should be there in the cd you got with the appliance. If you don't have that then open a case with TAC.
Check this link,
Regards,
~JG
Do rate helpful posts
07-16-2009 10:18 AM
JS,
There is no need to make any change in the ini file. Remote agent will cater both appliance. Now why windows authentication does not show up needs to be troubleshooted.
Make sure that software ver of both ACS and remote agent is same. Try to reinstall that remote agent and see if that fix it.
Else need to check if any firewall is blocking the port between secondary site RA and primary ACS.
The computer running ACS Remote Agent for Windows must be able to ping the ACS Solution Engines that it supports.
â¢Gateway devices must permit traffic between the computer running ACS Remote Agent for Windows and the ACS SE. Specifically, the remote agent must receive TCP communication on TCP ports that you configure in CSAgent.ini. The default TCP ports, if all services are used, are 2004, 2005, 2006, and 2007. The appliance must receive TCP communication on TCP port 2003.
Regards,
~JG
Do rate helpful posts
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide