After installing the ISO onto a VM or booting the appliance with the basic network configuration, follow the steps below to integrate ACS into Active Directory.
Joining ACS to Active Directory
>> Users and Identity Stores >> External Identity Stores >> Active Directory >> General Tab
- Select ACS Node
- Click Join
- Enter domain name
- Enter the username and password of an AD account with access to add computer objects to the domain
- Status should change to “Joined and Connected”
- Save Changes
Adding AD Groups to ACS
>> Users and Identity Stores >> External Identity Stores >> Active Directory >> Directory Groups Tab
- Click Select
- Browse AD Groups – you may need to specify the AD group name (by default, 100 random groups are displayed)
- Save Changes
Enable Domain if the DC manages multiple domains
>> System Administration >> Administrators >> Administrative Access Control >> Authentication Domains
- If there are multiple domain names, verify that the “Authenticate” column is set to YES
Enable ACS to authenticate via AD
>> System Administration >> Administrators >> Administrative Access Control >> Identity
- Change “Identity Source” to AD1
- Save Changes
Mapping ACS management permissions to the AD group created above
>> System Administration >> Administrators >> Administrative Access Control >> Authorization
- Customize – Lower Right
- Remove “System:UserName”
- Add “AD1:ExternalGroups”
- Add “Compound Conditions”
- OK
- Save Changes
- Click on Create – Lower Left
- Enter Name “ACS Administrators”
- Status – Enable
- Check/Enable Conditions
- Select the previously created AD group
- Select Roles
- Check/Enable SuperAdmin or relevant
- OK twice
- Save Changes