We've been running an older version of Cisco ACS (2.6x) on Windows Server
2000 for several years now. It uses Active Directory in a Windows 2003
domain as its external database to authenticate. Everything works fine;
however, I'd like to upgrade the server to Server 2003, then possibly get
the latest version of ACS.
I loaded the old version of ACS on a test 2003 server; however, I cannot get
it to work. The ACS failed attempts logs just say 'unknown' under
authen-failed-code. It appears to be authenticating fine with Active
Directory. The event logs on the domain controllers show a successful logon,
as does the 2003 server. However, the 2000 server with ACS that works shows
three events: successful network logon, special privileges assigned to new
logon, and user logoff. The 2003 server shows the successful logon and
logoff, but not the special privileges assigned.
I suspect it has something to do with Server 2003's enhanced security. I
tried running CSAuth.exe, etc. as Windows 2000, but it made no difference.
Any ideas? Any security settings I might try, services to check, or will
that version of ACS just not run on Server 2003? Thanks. -Bob