ACS, Remote Agent and Active Directory

Just a quick note.  When configuring the Remote Agent for the ACS appliance it’s of critical importance that the following instructions are followed:

AD Changes 

Woops, maybe these work.

Without these changes it just doesn’t work.  I kept getting “Internal Error” on the ACS log and “error 6L” in the debug mode on the remote agent.  I think the problem I was running into there was because I was logged in as myself and not as the user that the service needs to “run as”.


powered by performancing firefox

4 thoughts on “ACS, Remote Agent and Active Directory

  1. Edited the link. I’m not certain but I think this is what I was referring to. Specifically, when it’s installed on a member server you have to put the appropriate machine authentication info into the domain or it won’t work.

    Hope that’s what you’re looking for!

  2. Hello
    We also have the same problem with authenticating users via ACS Appliance and Remote Agent. We got Internal Error on the ACS and ‘NTLIB: Windows authentication FAILED (error 6L)’ on Remote Agent.
    We did everything with this Cisco instruction but it still doesn’t work. The problem is that we cannot enable WINS on our servers (because of some security reason). But I don’t think that it is a problem. We tested it on our test environment (with and without WINS) and it works. But on our production servers it still doesn’t work (we have installed Remote agent on Win2003, and Domain Controllers are on Win2008)
    Could describe what exactly you have changed in your configuration, that it started to work.

  3. @Marcin
    Unfortunately this was a while ago and I’ve purged my memory to make room for new things! 🙂 Seriously, some things I’d look into are, are you 2003 for AD or did you move AD to 2008? I have no idea if that would cause a problem.

    The specific instructions for putting the machine authentication into the domain are critical. I recall that being a problem without it.

    And no, I don’t think WINS is necessary.

Leave a Reply