Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

ACS integrated with Microsoft AD -- Internal error

hi all:

we have ACS server used for TACACS server need to be integrated with MS AD.

After configuring the external DB in ACS, we are still not able to be authenticated by using AD account. and we found "Internal error" in the "failed attempts" log in the ACS server.

according to Cisco, Internal error is coming from Microsoft, did some come accorss the same problem before? and any solution?

3 REPLIES
Silver

Re: ACS integrated with Microsoft AD -- Internal error

If your usernames and passwords are on the external database like AD you can use a feature called RADIUS with expiry on concentrators, however any kind of password change feature is NOT supported when your NAS is a PIX firewall.

Below is the link for the RADIUS with expiry with Ciscosecure ACS for VPN users thorough 3000 series concentrators

http://www.cisco.com/en/US/products/hw/vpndevc/ps2284/products_configuration_example09186a00800946b9.shtml

New Member

Re: ACS integrated with Microsoft AD -- Internal error

thanks for your reply. this is not exactly what i wanted

Silver

Re: ACS integrated with Microsoft AD -- Internal error

So you've configured an external database, thats a start. Have you added mappings from the AD domain to the ACS groups ? Have you configured those ACS groups to allow access ?

What config are you using on the devices to authenticate,authorize and account ?

339
Views
2
Helpful
3
Replies
CreatePlease to create content