I have just been tasked with setting up the ACS 5.3 and am having
a few problems getting things started.
Here is a question from my server team -
ACS specifies an account to join the machine to the domain. Will this account then be the account that it communicates to AD on once it has joined the domain or is there somewhere we need to put AD credentials for LDAP lookup? Our AD administrator is happy to join it the domain but does not want ACS then running under his account”
In other words we dont want to use an admin account but surely
we only need an ordinary account that reads ad for authentication ?
Here are the account guidelines for joining ACS to AD, Once ACS joins to AD it will authenticate users through the workstation account that is created when its joined. The only time the ACS needs the credentials of the account is when the box joins to AD.
Predefined user in AD. AD account required for domain access in ACS should have either of the following:
•Add workstations to domain user right in corresponding domain.
•Create Computer Objects or Delete Computer Objects permission on corresponding computers container where ACS machine's account is precreated (created before joining ACS machine to the domain).
We recommend that you disable the lockout policy for the ACS account and configure the AD infrastructure to send alerts to the admin if a wrong password is used for that account. This is because if you enter a wrong password, ACS will not create or modify its machine account when it is necessary and therefore possibly deny all authentications.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :