电脑计算机论坛

 找回密码
 注册

QQ登录

只需一步,快速开始

查看: 2729|回复: 0

cisco acs一体机怎么加入域啊?(定制的windows2003,无法登录桌面,无法加入域)

[复制链接]
admin 发表于 2010-9-20 23:40:34 | 显示全部楼层 |阅读模式
首先ACS分软件版和硬件版,硬件的就是我现在说的这个ACS Solution Engine 4.1,这个大家应该知道吧,而且我们应该知道的是在做NAC L2DOT1X的时候,如果acs要与windows域联动的时候(与windows域联动是为了通过AD来验证用户名密码,根据用户名密码来进行nac的authentication,就是AAA里面的第一个A呵呵)ACS一定要加入到域中,这样ACS做GROUP MAPPING的时候,才能找得到EXTENAL DATABASE,现在问题出来了,软件版的ACS好说直接把装ACS的这台机子加入到域中就好了,但是我的ACS4.0现在是一个硬件盒子,而且配置好了即被锁定的,就是说登录系统就只显示的是一个LOCK NOTICE的提示,插上键盘鼠标都无法进行操作,只能通过网络机房其他机子访问它的web界面进行管理。。如何解决呢?通过查找资料终于在cisco网站找到了答案。如下:

Q. How does Cisco Secure ACS Solution Engine authenticate to Windows domains?



A. In general, in order to authenticate Windows NT 4.0 or Active Directory domain users, you must establish a Windows member or domain controller trust relationship. Since Cisco Secure ACS Solution Engine does not run the necessary Windows server services to establish this trust, an external Cisco Secure ACS remote agent is provided with the appliance solution. The Cisco Secure ACS remote agent can be installed on member servers, domain controllers, or backup domain controllers. Note: The best practice would be to install the remote agent on a full domain controller-this would allow it to perform its authentication functions with the least extra configuration requirements



就是要装这么个代理,害得我耽误了挺长时间。赶紧给大家说一下,免得大家遇到相同的问题受折磨,呵呵
您需要登录后才可以回帖 登录 | 注册

本版积分规则


QQ|手机版|小黑屋|电脑计算机论坛 ( 京ICP备2022023538号-1 )

GMT+8, 2024-12-28 02:50 , Processed in 0.092077 second(s), 20 queries .

Powered by Discuz! X3.5

© 2001-2024 Discuz! Team.

快速回复 返回顶部 返回列表