Cisco Support Community

ACS 5.3: Active Directory Connectivity Problem



This document describes an ACS to Active Directory integration issue seen on ACS 5.3.



After applying patch 3 or later on ACS 5.3, the Active Directory may show as disconnected or may fail to join.



It has recently been noticed that after patch 3 or later is applied, ACS 5.3 leaves the Active Directory domain and then rejoins it. If the service account password has expired or has been changed since the last ACS AD join, ACS will fail to rejoin Active Directory.


It has also been noted that if the service account username or password contains a dollar sign ($), ACS 5.3 reports that the password is incorrect. This is documented as bug CSCtz76233.


To resolve the issue, before applying patch 3 or later on ACS 5.3, ensure that the service account password is correct and not expired, and that neither the username nor the password contains a dollar sign ($).
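The checks above can be run from a domain-joined admin workstation before patching. This is an added example, not part of the original document or a Cisco tool; it assumes the RSAT ActiveDirectory module is installed, and `svc-acs-join` is a placeholder account name.

```powershell
# Pre-patch check of the ACS machine-join (service) account.
# Added example; 'svc-acs-join' is a placeholder, not a name from the document.
param([string]$SamAccountName = 'svc-acs-join')

Import-Module ActiveDirectory
Add-Type -AssemblyName System.DirectoryServices.AccountManagement

# Prompt for the password exactly as it is configured on ACS.
$cred  = Get-Credential -UserName $SamAccountName -Message 'Password configured on ACS'
$plain = $cred.GetNetworkCredential().Password

$user = Get-ADUser -Identity $SamAccountName -Properties PasswordExpired,
    PasswordNeverExpires, LockedOut, 'msDS-UserPasswordExpiryTimeComputed'

$problems = @()
if (-not $user.Enabled)            { $problems += 'account is disabled' }
if ($user.LockedOut)               { $problems += 'account is locked out' }
if ($user.PasswordExpired)         { $problems += 'password has expired' }
if ($SamAccountName.Contains('$')) { $problems += 'username contains $ (CSCtz76233)' }
if ($plain.Contains('$'))          { $problems += 'password contains $ (CSCtz76233)' }

# Confirm the entered password is the one AD currently accepts, which catches
# a password changed in AD since the last ACS join.
# A rejected attempt counts toward the account lockout threshold.
$ctx = [System.DirectoryServices.AccountManagement.PrincipalContext]::new(
    [System.DirectoryServices.AccountManagement.ContextType]::Domain,
    (Get-ADDomain).DNSRoot)
try {
    if (-not $ctx.ValidateCredentials($SamAccountName, $plain)) {
        $problems += 'AD rejected the password (changed, expired, or mistyped)'
    }
} finally { $ctx.Dispose() }

# Report the expiry date so the patch is not scheduled right before it.
# Int64.MaxValue means "never expires"; 0 means "must change at next logon".
$raw = $user.'msDS-UserPasswordExpiryTimeComputed'
if (-not $user.PasswordNeverExpires -and $raw -gt 0 -and $raw -lt [Int64]::MaxValue) {
    Write-Output ("Password expires: {0}" -f [datetime]::FromFileTime($raw))
}

Remove-Variable plain
if ($problems.Count -gt 0) {
    $problems | ForEach-Object { Write-Warning $_ }
} else {
    Write-Output "No blocking issues found for $SamAccountName."
}
```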



Please refer to ACS 5.x and later: Integration with Microsoft Active Directory Configuration Example for detailed information on how to integrate ACS 5.x to AD.


This doc is created with info from Vivek Santuka.


Helpful info!

Thank you. It is useful but unfortunately does not work for me.
The machine join username that is configured on ACS does not have a dollar sign in the password, but the ACS still loses connectivity with AD. I thought that it was because of the clock, but sometimes the time difference is more than 5 minutes and it works without a problem! Strange.