Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ACS 3.0 on win2000 mixed mode server

Installed ACS 3.0 on a win2K server domain controller running in mixed mode. Any issues with changing over to native mode and also authenticating users from other domains that are also moving to native mode. As you can tell, not much Microsoft experience with Active Directories here. I have read the field Notice relating to bug CSCdy18833 regarding authentication failure from member servers and ensuring AD permissions are in place, but anything else I need to be aware of?

  • Other Security Subjects
Cisco Employee

Re: ACS 3.0 on win2000 mixed mode server

Not really, the bug and associated fixes in the Field Notice are the main thing. Once you get that sorted out everything should work fine for you.

New Member

Re: ACS 3.0 on win2000 mixed mode server

Concerning this Field Notice, I experienced a similar problem when I tried to authenticate users from another domain.

We achieved to find out the problem. First, the server tries to find the PDC of the other domain (DNS request : _ldap._tcp.pdc._msdcs.domain). The DNS

server answer with the full name and IP address. But afterwards, instead of using the DNS answer, the server make a new request with the PCD name

and appending its own domain. The DNS request fails, and the user is not authenticated. A workaround consists in chaging the DNS search-list for the server, but I'm intersted if anyone had a better solution, or if Cisco and/or Microsoft could fix that.

This widget could not be displayed.