There's a mobile version of our website.
I have been doing a bit of reading on the ACS 4.2 remote agent compatibility with Windows 2008 R2, and it seems like the only way out is to upgrade the ACS to 5.2. We have Cisco ACS 4.2 SE and I would want someone to confirm that what if I install the Remote agent on a Windows 2003 member server instead of the 2008 R2 DC. Will such a scenario work?
Feedback is appreciated.
The situation with 2008 R2 is the following, unfortunately this specific OS is not supported for installation/authentication for ACS/Remote Agents below the code 220.127.116.11
So this means that you cannot install the RA in the Windows server 2008 R2, also means that if the Domain Controllers are running 2008 R2 the authention will fail. (Actually you will face random situations, sometimes will work other times will fail).
In your case you are wondering if installing the RA in a Windows server 2003 will work, the installation will work fine, but the authentication no.
Let me know if I can clarify something else for you about this just let me know.
Actually AD authentication is working perfectly fine at the moment. We have a 2008 R2 domain controllers and the agent is installed on a Windows 2003 member server. However as you mentioned, this might or might not work occasionally.
Can you point me to a Cisco doc stating that agent on a 2003 Windows member server running in 2008 R2 domain is not recommended?
Regards and thanks.
Yes, here is this one which has a bug documented with this information CSCtg37183 :
Extracted from previous link:
|ACS 4.x doesn't support 2008 R2 Server for AD.|
ACS 4.x does not support authentication to a backend 2008 R2 Active Directory server.
Install the ACS or Remote Agent on a 2003/2008 domain controller
Cisco doesn't support this scenario because sometimes work fine other doesn't work at all, so nobody wants an unstable network right, unfortunately the workaround doesn't help much. Although there is an ACS 5.2 trial version that you can test, let me know so I can get you the links.
Login to share your discussion activity with your friends on Facebook. You can control what you share and turn off sharing anytime.
Your Facebook friends can now see that you have started this discussion
Your Facebook friends can now see that you have commented on this discussion
Your Facebook friends can now see that you have read this discussion