Cisco AAA/Identity/Nac :: ASC5.2 - How To Tell Which Domain Controller Request Is Sent

Sep 12, 2011

Within ACS 5.2, does any know of a way to see which specific domain controller a request is sent to?

View 1 Replies


ADVERTISEMENT

Cisco AAA/Identity/Nac :: 1121 - Configuring ACS To Strip Domain From Request And Sending It To AD

Jul 24, 2011

We are currently evaluating a ACS 1121 running 5.2, we are trying to configure this to Authenticate eap-peap requests.

Our users will be using credentials in a username@example.com format, if the server sees a request using username@anotherrealm.com then it would forward the request to a external proxy radius server, if the server saw a request for our domain it would strip off the @example.com part and authenticate against AD.
 
Im finding it hard locating documentation to tell the server if a request comes from a NAS using username@example.com then strip @example.com and authenticate username against AD.

View 4 Replies View Related

Cisco AAA/Identity/Nac :: Force ACS V.5 To Join Domain With Certain Controller?

Sep 5, 2012

I try to join an ACS v. 5.3 to the domain.  For my acs in Location A, I can join without problems using my account. When I try to join the ACS in location B to the same domain with the same account, it doesnt work.I looked at the debug log files for the ad client, and noticed, that the ACS in location B goes to a certain Domain Controller. However, I would have expected the ACS to contact another DC, which is located on  the same location as the ACS ... this doesnt happen.
 
My question:  How does the ACS determine what DC to contact ? Is it possible to force the AC to join by connecting a certain DC ?

View 2 Replies View Related

Cisco AAA/Identity/Nac :: ACS 4.1.4 Any Version With Domain Controller On Windows Server 2008 R2

Feb 28, 2010

Is there currently any ACS version working with Windows Server 2008 R2 domain controllers?Our server stuff has recently upgraded the Domain Controllers to 2008r2 and turned off the 2003 servers. This didn't make our ACS 4.1.4 really happy.I've read now serveral posts regarding issues with ACS and Server 2008r2 and hope to find a solution (besides switching to LDAP, yukk).

View 5 Replies View Related

AAA/Identity/Nac :: ASA5510 Entry For LDAP Object That Refers To Domain Controller

Feb 14, 2013

On our ASA5510 in the area AAA Server Groups, there is an entry for LDAP and an object that refers to our 2003 Domain Controller. This DC has LDAP over SSL enabled and I can see the DN and Password for a domain user account.I've created two new DC's, both R2 2008 but when I enable these in the same way it says it could not authenticate, ERROR auth server not responding, AAA group removed.I thought this had something to do with CA being installed on a DC, but it's not running as a service on the DC that was already referred to.

View 2 Replies View Related

AAA/Identity/Nac :: Status-Server Request And ACS SE 4.2?

Mar 31, 2013

According to traces collected in mt ACS SE 4.2, it would seem that the underlying software does not support the RADIUS Status-Server request. Is this request type is supported in version 5.*?

View 2 Replies View Related

Cisco :: DMZ Connectivity To Domain Controller / AD

Feb 16, 2012

We relocated several servers to our DMZ and, without a domain controller in the DMZ (we plan to put a RODC in the DMZ later when we mvoe to Windows Server 2008), i punch through the standard recommended TCP ports. ports 88,135, 389, 53, etc.) to the internal network located DC. I am double hopping to the DC (I hope thast doesn't matter) as the DMZ located web server communicates to another IP address in the same DMZ network and then I NAT that address to the internal IP address of the DC. Everything seems to be working for the servers we moved to the DMZ but i think i don't have all the necessary TCP/UDP ports punched through because we have found that logging into the DMZ servers is taking an extended amount of time, sitting on the “applying settings” screen. For 2-34 minutes. Also, we noticed that our applciations fols have to now add the fully qualified domain names when making calls to servers that just needed the domain name. When i open the access-list up completely without opening specific TCP/UDP ports, the issue is resolved.

View 4 Replies View Related

Domain Controller Cannot Be Contacted

Nov 18, 2012

In my office we are using two networks , one is 16.x.x.x and another on is 15.x.x.x . 16.x.x.x having the domain controller. 15.x.x.x is only connected with Workgroup. my question is it possible to add 15.x.x.x network system into 16.x.x.x network . I tried to add but it gave error message "Domain Controller can not be contacted". Generally we cant add it into the domain i know that. is there anyway to connect the 15.x.x.x systems into 16.x.x.x domain using router in the network.

View 1 Replies View Related

Cannot Obtain Domain Controller Name

Jun 19, 2011

Type: Error

EventID: 1054

Description: Windows cannot obtain the domain controller name for your computer network. The specified domain either does not exist or could not be contacted. Group Policy processing aborted.

Dad's work laptop (XP) will no longer connect to any wifi at all. I removed the Intel PRO/set wireless utility so it would default to windows, enabled the Wireless Zero Config. It will acknowledge the network, attempt to get an IP address from the network for 1 minute, then it rotates down to the next network SSID in queue (I have 3 SSID's in our house). When it reaches the end, it just goes back to the "Windows is not connected to any wireless networks" message.

View 2 Replies View Related

NT4 Domain Controller Lost?

Mar 1, 2011

In 2004 I had a small home network of an NT4 domain controller with a 98 client and an XP client and an NT4 workstation laptop.ll was fine with the NT4 server providing a central store and print queue for a networked laser.Over time the laptop has been replaced with a Win7 (which will access the files but really doesn't the NT4 domain.) The Win98 has died and now finally the NT4 sever has gone too.I intend to revert now to a workgroup type set-up and forget about domains (I don't need it really) My problem is if I remove my XP machine from the domain I loose all the program menu, shortcuts desktop etc. which are stored under the domain user name login.Can I retrieve these or at least look at them so I can set up the local XP administrator account with all my familiar stuff.

View 3 Replies View Related

Domain Controller Cannot Be Found

Jul 5, 2012

I hav windows server 2003 w/ 3 clients on my home network.2 of these machines link w/ server when i formatted & try to link 3rd machine it says "A domain controller for the domain fits.local could not be contacted" this problem I have 2003 server + isa server 2004 + exchange server 2003 installed in one core i3 machine..........

View 9 Replies View Related

DNS / DHCP Domain Controller Addition

Feb 10, 2011

I am having trouble adding a computer to the Domain Controller. I have a cable modem running into a di-524 router. The router has DHCP and DNS relay disabled. I set the LAN IP Address of the router to 192.168.2.1. The router is connected to a switch with 10 pc's and a server running 2003. The server has an IP Address of 192.168.2.2. I setup a DHCP server inside 2003 with a scope of 192.168.2.100-192.168.2.199. Under scope options the router is set to 192.168.2.1 and DNS Servers is set to 192.168.2.2 (the ip address of the domain controller). When I try to add the computer it cannot contact the domain controller. Is there something wrong with my DHCP config or DNS?

View 3 Replies View Related

AD Domain Controller Concurrent Logons?

Nov 30, 2011

I am currently planning a Active directory deployment. It will most likely be a new forest, but the domain could become part of a existing forest. I have about 45 Computers with about 85 users. At one time there is about 42 users logging in as there is two shifts. The logons will be done all at once. Do you think two domain controllers will be able to handle the load?

View 9 Replies View Related

How To Create A Domain Host Controller For Xp

Apr 11, 2012

o create a domain host

View 2 Replies View Related

File Server And Domain Controller?

Nov 22, 2012

How has file server been affected by promoting your server to a domain controller? and what are file sever actually do?

View 3 Replies View Related

Cisco AAA/Identity/Nac :: 4506 - ACS RADIUS Request Dropped 11051

Jan 10, 2012

Our ACS v5.2.0.26 started to drop connection from wired and wireless connections, with a "Radius Request Dropped" message. The detailed message is : "RADIUS Request dropped : 11051 RADIUS packet contains invalid state attribute".This message is usually preceded with a "RADIUS Request dropped : 24444 Active Directory operation has failed because of an unspecified error in the ACS" error.The communication with Active Directory seems to be ok since worstations are getting a valid ip adress when connected to a non 802.1x switch port (Cisco 4506).

View 3 Replies View Related

Cisco AAA/Identity/Nac :: ACS 5.1 - How To Generate Certificate Signing Request On Secondary

Oct 3, 2012

I have a pair of ACS appliances running 5.1 code. The appliances are set up as a replicated pair. I have valid local and trusted certificate authority certificates on the primary.

The trusted certificate authority certificate gets replicated to the secondary. Obviously the local certificate doesn't get replicated. I need to generate a certificate signing request on the secondary but it doesn't seem to allow you to do it.  

View 1 Replies View Related

Use Cross Cable For Setup Domain Controller?

Aug 11, 2011

I have only one PC. I use cross cable for setup Domain controller. Than network icon show available network but it is just only send and can't received.

View 1 Replies View Related

SQL Server Lost Connection With Domain Controller

Dec 6, 2011

I have a small network: - Domain server - Terminal Server - DB Server SQL 2008 (windows authentification) Usually, user lost connection to the domain.

View 1 Replies View Related

Domain Controller - Local Network Not Working?

May 4, 2011

we have using 10 system with domain contorller connected to network once disconnect server i cant acces to local systen ( per to per )

View 1 Replies View Related

Cisco AAA/Identity/Nac :: ACS 5.2 Error Message 5405 RADIUS Request Dropped

Feb 22, 2011

The error message "5405  RADIUS Request dropped", what does it mean ? We have implemented 802.1X on a C4506 switch running IOS 12.2(53), it has worked fine for about 3 months but now I get users not able to authenticate. In the loggs on the ACS I get the obove message.
 
ACS 5.2 is running 5.2.0.26 Build 3075.

View 6 Replies View Related

Cisco Switches :: Internet Routing With SG300-20 And Domain Controller

Nov 27, 2011

I am trying to set up the SG300-52 and am struggling, I have a domain controller with IP address 192.168.0.1 I have a broadband router that is has a dynamc ip address. I have set up vlan1 aand vlan2
 
Vlan1 is getting its ip address from the domain which is 192.168.0.110
vlan2 is getting its ip from the broadband router.
 
I have setup Domain Name System in the Ip configuration tab
 
on Vlan1 I have a connected a dumb switch this connects all the computers in the local network. What I cannot get to work is the internet vlan.
 
who has setup up vlan routing with domain controller

View 6 Replies View Related

Home Network :: Primary Domain Controller Behind A Router?

Apr 15, 2013

what i am trying to accomplish is to set up a domain for my home network. the domain is going to consist of 2 server boxes both running ubuntu 12.10 server edition and a client machine running windows XPone linux box will be my DC using samba and the other will host email, and apache2 web services.i dont know if you need all of this info but in my experience its best to be thorough.I registered a domain through godaddy.com and made it point to my home IP address. now what happens because all of my machines are behind a router is when i type in my URL it brings up the login request for the cicsco webinterface. what i would like to happen is that my router points traffic to the ip address on my home net work 192.168.1.XXX that is hosting the apache2 webserver.I would also like to connect the client(XP) machine to the domain controller but i keep getting an error that says that the domain does not exist. I have been through the samba settings and they are exactly the same as when i set them up for a mock PDC using "example.com" as a domain name

View 1 Replies View Related

Convert Additional Domain Controller After Formatting Server

Nov 15, 2012

My Primary Domain Server is down and i have to format the server. I have 2 Additional domain controllers. How do I add DC after formating the server in the same domain.

View 1 Replies View Related

HP 5500G-EL Switch - Replacing Domain Controller With Something More Lightweight

Apr 24, 2013

We have a remote site with ~5 users, 4 IP phones and a network printer. Right now we have an old Win2003 box serving as the DC for that site. It is connected back to us via 10MB layer 3 routing on a HP 5500G-EL switch. This windows server is getting quite old and I'd like to avoid the expense of buying a new server just to hand out addresses and authenticate users. How do you all handle login authentication,dns,and DHCP for your lightweight remotes sites?

View 11 Replies View Related

Cisco AAA/Identity/Nac :: Accounting Setup On WLC 440x / 5508 ACS Takes It As Authentication Request And Fail

Dec 8, 2011

accounting in ACS 5.3. When I setup accounting on WLC 440x / 5508 ACS takes them as an authentication request and fail.
 
Here are some logs what I see in acsview:
 
Dec 9,11 6:05:11.783 PM
Radius authentication failed for USER: navrka2  MAC: a.b.c.d  AUTHTYPE: Radius authentication failed
 ACS Session ID:
dc2aaa1v/112555963/420
Audit Session ID:
0a9a01d7000001fd4ee23a3d
Tunnel Details:

[code]...

View 4 Replies View Related

Cisco Switching/Routing :: 7000 Domain Controller IP To Be Allowed For DHCP Relay

May 2, 2013

I have a Nexus 7000 Core Switch , and i need to allow the domain controller ip 10.x.x.x for DHCP relay on switch.

View 2 Replies View Related

Cisco AAA/Identity/Nac :: ACS V 5.2 Can't Join To Domain

Jan 18, 2012

l have a new ACS v 5.2 appliance and l´m trying to join to my domain, but l haven´t could, the acs shows me the Clock skew error, and l was checking some documents about it doesnt work. the acs have the same timezone and time that my domain, but the problem persist

View 7 Replies View Related

Cisco AAA/Identity/Nac :: ACS 4.2 Multiple AD Domain Authentication?

Feb 3, 2013

I have acs 4.2 for windows installed on a windows server 2003 box, because of a merger I need to now authenticate against 2 different domains, there is a bidirectional trust between the two domains and the dial-in permission has been set in ADUC but whenever I try to authenticate a user it says dial-in permissions needed in the acs failed authentication log.

View 5 Replies View Related

Cisco AAA/Identity/Nac :: Error When Joining Acs 5.3 To Domain

Dec 12, 2011

this is what happens when I try to join an acs 5.3 to the domain. On two other acs appliances, it works.

View 1 Replies View Related

Cisco AAA/Identity/Nac :: 3395 DNS Domain Name Change

Nov 13, 2012

I have just change the DNS domain name of my ISE from CLI and restarted the appliance (its a 3395 appliance)However,, when i log in via GUI it doesnt reflect the new dns name.

View 1 Replies View Related

Cisco AAA/Identity/Nac :: ACS Express 5.0.1 Joining Domain

Dec 18, 2011

I have been having some issues with an ACS express joining a domain. This device previously had joined and after a weekend we received a notice that users were not authenticating to the domain.  This in turn let us to find out the the device was unable to join the domain.  Further research led us to find that the account the device was using to join the domain had been disabled.  However, after re-enabling the account we would only recieve domain timeouts when tried to join.  I opened a case with cisco and we have tried everything under the sun to no avail.  I can ping the AD server (name & ip) from the ACS express. Cisco apply a root patch that allowed us to create hosts file entries on the device.  I checked the system time and made sure it was within 5 minutes of the Domain controller time.  In the logs of the ACS express the only thing I can really find is:
 
-"Checking remote join status: SMB connectivity failed"

-"Timeout reached in getting AD Diag info"
 
"acsxp/server Warning Server 0 is DisconnectedMode, IOException for reason, ipc socket connect; No such file or directory:
 
Recently we re-imaged the ACS and tried to join the domain without the old config on it and just received the same error.  I reloaded the backup after that which also resulted in no change.  I am starting to think that there is more of a domain issue rather than networking but am having issues finding a way to prove this via the logs.  The are other ACS's configured in the network and the settings on this device match the settings on the other device in the network which are working correctly.

View 1 Replies View Related

Cisco AAA/Identity/Nac :: ACS 4.2 New Windows Domain 2008

Mar 1, 2011

I have installed the Cisco ACS 4.2 in a server running Windows 2003 Server, and this server is member server of the domain. The ACS is working whit a Wireless Platform 4400, and authenticating to the Wireless Users using PEAP and Digital Certificate. But now, the windows platform will be upgraded to Windows 2008. My doubt are the following:

1. The ACS running in a windows 2003 server, will authentificate users in the new windows 2008 domain? 

2. At the beginning, the ACS and the Windows domain was 2003. Now whit the change of the version of windows domain, What happens whit the configuration of the acs server as member server? I need reconfigure the member server configuration in the ACS Server?

View 4 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved