Cisco Systems OL-24201-01 manual Selecting an AD Group, Configuring AD Attributes

Note

Note

Note

•Save Changes to save the configuration, join the ACS to the specified AD domain with the configured credentials, and start the AD agent.

•Discard Changes to discard all changes.

•If AD is already configured and you want to delete it, click Clear Configuration after you verify that:

–There are no policy rules that use custom conditions based on the AD dictionary.

–The AD is not chosen as the identity source in any of the available access services.

–There are no identity store sequences with the AD.

The Active Directory configuration is saved. The Active Directory page appears with the new configuration.

The Windows AD account, which joins ACS to the AD domain, can be placed in its own Organizational Unit (OU). It resides in its own OU either when the account is created or later on with a restriction that the appliance name must match the name of the AD account.

Centrify configuration gets affected (sometimes gets disconnected) when there is a slow response from the server while you test the ACS connection with the AD domain. But, it works fine with the other applications.

Due to NETBIOS limitations, ACS hostnames must contain less than or equal to 15 characters.

Related Topics

•Selecting an AD Group, page 8-50

•Configuring AD Attributes, page 8-51