ACS v4.2: Administration of ACS Internal Database

Hi,
we're using ACS v4.2 for MAB and vlan-assignment. We imported the user's (mac-addresses) to the internal database via "CSUtil". The solution is working very well, the process for adding new mac-addresses is running . The process for deleting „old“ mac-addresses isn't ideal, we need to optimize the handling of "deathly mac-addresses".
My question:
Is it possible to block and delete mac-addresses by "last login time"? For example mac-address 001e8c3b0c09wasn't connected for 60 days, the pc or notebook is replaced already and the entry in the database has to be deleted.
Any idea?
Thanks in advance and kind regards
Matthias

Hi Matthias,
This feature is not possible with ACS. What you can try is to use extraxi software, from extraxi.com
You can integrate it with ACS and get all kind of customized reports, eg - when was the specific last connected...
most active user etc etc.
Here is the url http://extraxi.com/aaa-reports.htm
You can contact " Darpotter " one of the top netpros on aaa forum. He is with Extraxi and should be able to guide you further.
Regards,
~JG
Do rate helpful posts

Similar Messages

  • ACS internal database replication

    I have setup ACS internal database replication and it works once then the secondary config is overwritten and doesn't contain the AAA server of the primary.
    primary               - 10.100.253.25
    ACS 1113 running 4.2
    secondary          - 10.100.253.26
    ACS 1113 running 4.2
    Example of before and after
    Before replication
    The primary has these AAA servers listed under network components.
    self - 127.0.0.1
    acs2 - 10.100.253.26
    The secondary has these AAA servers listed under network components.
    self - 127.0.0.1
    acs1 - 10.100.253.25
    After replication
    The primary has these AAA servers listed under network components.
    self - 127.0.0.1
    acs2 - 10.100.253.26
    The secondary has these AAA servers listed under network components.
    self - 127.0.0.1
    acs2 - 10.100.253.26
    therefore after the first replication subsequent attempts will fail because the secondary won't accept attempts from unknown AAA servers. Is this to be expected or can I mitigate it in someway?

    Please try setting the original ip address by using "Set ip" Command from the console connection of the ACS Solution engine. Once you successfully changed the ip address, you can apply the patch 11 or above (latest is patch 16) on the ACS SE (This will fix the problem).
    In majority of cases set ip command fails but sometime works too.
    In case it doesn't help then we have 2 options:
    1.] Open a TAC case, send the database file to delete the entry.
    2.] If you are not intrested sending your database then try the below listed steps:
    In order to remove the loopback entry from the Database, we need to follow following steps,
    Please download ACS 4.2 trial from following link, if you do not have ACS Full version for Windows purchased.
    http://www.cisco.com/cgi-bin/tablebuild.pl/acs-win-eval- eval-ACS-4.2.0.124-SW.zip
    [1] Install eval version on Windows 2000/2003 server. Please also ensure that JAVA is installed on that server.
    [2] Take a backup from ACS SE from, System Configuration > ACS Backup >Backup Now.
    [3] Restore the database backup on ACS eval.
    [4] On eval ACS , go to Network Configuration > find the AAA Server entry with 127.0.0.1 entry. Edit it and give it some other IP for
    example, 1.1.1.1. Submit + Apply.
    [5] On eval, Restart CSAdmin service.
    [6] On eval, go back to Network Configuration and search for the changed IP address and delete that entry, Delete + Apply.
    [7] Take a backup from eval ACS, System Configuration > ACS Backup > Backup Now.
    [8] Restore the database backup from eval ACS into ACS SE from option, System Configuration > ACS Restore, choose the database backup. Check Check option "User and Group Database" and "CiscoSecure ACS System Configuration", then press Restore Now.
    [9] On ACS SE, go to Network Configuration, make sure that 127.0.0.1 entry is not there and for ACS SE's hostname we have the correct IP address. Go to Proxy Distribution Table > (Default). Move the server’s hostname entry that has correct IP for this ACS SE into "Forward To" column, if not already. Then press "Submit + Restart".
    Reference defect, CSCso36620 - Toggle nic command changes AAA server ip address to "127.0.0.1" in GUI.
    Regards,
    Jatin
    Do rate helpful posts-

  • Administrator Access ACS V4.2

    I have just reimaged one of my ACS appliances as it was completely corrupted.
    Now I have done this I have connected it to the network via DHCP so I can patch it from v4.2 to the latest version.
    The machines is now on the same VLAN as my workstation. When I try to login I get the message
    "This machine cannot be used for administration"
    The box is a vanilla install with only the passwords set on the machine - my workstation has its local firewall turned off and is not using a proxy server.
    Any suggestions - as I can't log into the gui I can't change any settings there?
    Thanks
    Giles

    Pablo,
    He is running acs for appliance and not acs for windows so access to the box isnt possible.
    Giles what version browser are you using? If you are using IE8 you may want to install Mozilla as IE8 isnt supported. If you arent using IE8 you may want to check which version of java you are also using.
    Hope this does the trick,
    Tarik

  • Windows Internal Database on Windows Server 2012 - How can I find out what role or feature is using it?

    We have setup many roles and features and apparently one of them is using the Windows Internal Database (WID). We have had some events logged for WID and need to troubleshoot them. But we are not sure which role/feature is using it. How can I find
    this out?

    Hi,
    Several components of Windows Server 2008 and 2012 use Windows Internal Database for their data storage: Active Directory Rights Management Services, Windows System Resource Manager, UDDI Services, Active Directory Federation Services 2.0, IPAM and Windows
    SharePoint Services.
    Which role did you setup or what is the error message did you received?
    Regards.
    Vivian Wang

  • An internal database error occurred in the Business Data Connectivity Shared Service. SQL Error Number : 229

     Recently i upgraded my SharePoint server 2013 to SP1, after the upgrade i received following message in manage database Status page " Databases running in compatibility range, upgrade recommended" 
    for Business Data Connectivity Database. Then i ran Sharepoint Configuration wizard, which fixed that error on that page but i am getting a error message while accessing BDCApplication page in manage service applications pagein central admin"
    An internal database error occurred in the Business Data Connectivity Shared Service. SQL Error Number : 229
    Sys Log :
    The BDC Service application failed due to a SQL Exception: SQLServer host WSQLD05\DV. The error returned was: 'The EXECUTE permission was denied on the object 'proc_ar_GetAdministrationMetadataCatalogByPartitionId', database 'sp_BusinessDataConnectivity_DV13',
    schema 'dbo'.'
    I checked the Db role of the service app pool account, it has SPDataAccess permission over the Database. i cant recreate another application without knowing the root cause. I hope i can get better option to troubleshoot the issue.
    Thank you

    As per the error message, you can at least grant the BDC service application pool account the EXECUTE perimssions on the sp_BusinessDataConnectivity_DV13 database
    Edwin Sarmiento SQL Server MVP | Microsoft Certified Master
    Blog |
    Twitter | LinkedIn
    SQL Server High Availability and Disaster Recover Deep Dive Course

  • Windows Internal Database RDS 2012 R2

    Hi folks
    It's possible collect information on logon in servers Session Host across from Windows Internal Database in the RDS Connection Broker?
    Thanks
    Wilsterman Fernandes

    Hi,
    Do you need any other assistance?
    Thanks.
    Dharmesh Solanki
    TechNet Community Support

  • Failed to provision site PWA with error: Microsoft.Office.Project.Server.Administration.ProvisionException: To create databases we need dbcreator and securityadmin server roles on servers.

    I'm getting the following errors while trying to provision a PS 2010 PWA on our SharePoint 2010 farm. Our PS instance has been working for a while now, and houses two other PWAs. But today,
    when trying to create this one, I get "Failed - see the Application event Log" and the following in the Event Viewer:
    Log Name: Application
    Source: Microsoft-SharePoint Products-Project Server
    Date: 4/2/2014 2:09:08 PM
    Event ID: 6980
    Task Category: Provisioning
    Level: Error
    Keywords:
    User: DOMAIN\DB_Access
    Computer: server
    Description:
    Provisioning 'PWA/SDN': To create databases we need dbcreator and securityadmin server roles on servers 'DB1' and 'DB1'.
    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
    <System>
    <Provider Name="Microsoft-SharePoint Products-Project Server" Guid="{b2178104-1b5b-4c20-8c8f-960678ced9e5}" />
    <EventID>6980</EventID>
    <Version>14</Version>
    <Level>2</Level>
    <Task>20</Task>
    <Opcode>0</Opcode>
    <Keywords>0x4000000000000000</Keywords>
    <TimeCreated SystemTime="2014-04-02T19:09:08.225Z" />
    <EventRecordID>1676727</EventRecordID>
    <Correlation ActivityID="{90131653-B0A4-4FAF-A43C-7DF07CBC3332}" />
    <Execution ProcessID="11040" ThreadID="12384" />
    <Channel>Application</Channel>
    <Computer>sharepoint</Computer>
    <Security UserID="S-1-5-21-2280669542-4145173436-3058324265-4222" />
    </System>
    <EventData>
    <Data Name="string0">PWA/SDN</Data>
    <Data Name="string1">DB1</Data>
    <Data Name="string2">DB1</Data>
    </EventData>
    </Event>
    Log Name: Application
    Source: Microsoft-SharePoint Products-Project Server
    Date: 4/2/2014 2:09:08 PM
    Event ID: 6993
    Task Category: Provisioning
    Level: Error
    Keywords:
    User: DOMAIN\DB_Access
    Computer: sharepoint
    Description:
    Provisioning 'PWA/SDN': Failed to provision databases. An exception occurred: To create databases we need dbcreator and securityadmin server roles on servers..
    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
    <System>
    <Provider Name="Microsoft-SharePoint Products-Project Server" Guid="{b2178104-1b5b-4c20-8c8f-960678ced9e5}" />
    <EventID>6993</EventID>
    <Version>14</Version>
    <Level>2</Level>
    <Task>20</Task>
    <Opcode>0</Opcode>
    <Keywords>0x4000000000000000</Keywords>
    <TimeCreated SystemTime="2014-04-02T19:09:08.225Z" />
    <EventRecordID>1676728</EventRecordID>
    <Correlation ActivityID="{90131653-B0A4-4FAF-A43C-7DF07CBC3332}" />
    <Execution ProcessID="11040" ThreadID="12384" />
    <Channel>Application</Channel>
    <Computer>sharepoint</Computer>
    <Security UserID="S-1-5-21-2280669542-4145173436-3058324265-4222" />
    </System>
    <EventData>
    <Data Name="string0">PWA/SDN</Data>
    <Data Name="string1">To create databases we need dbcreator and securityadmin server roles on servers.</Data>
    </EventData>
    </Event>
    Log Name: Application
    Source: Microsoft-SharePoint Products-Project Server
    Date: 4/2/2014 2:09:08 PM
    Event ID: 6958
    Task Category: Provisioning
    Level: Error
    Keywords:
    User: DOMAIN\DB_Access
    Computer: sharepoint
    Description:
    Provisioning 'PWA/SDN': Database provisioning failed.
    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
    <System>
    <Provider Name="Microsoft-SharePoint Products-Project Server" Guid="{b2178104-1b5b-4c20-8c8f-960678ced9e5}" />
    <EventID>6958</EventID>
    <Version>14</Version>
    <Level>2</Level>
    <Task>20</Task>
    <Opcode>0</Opcode>
    <Keywords>0x4000000000000000</Keywords>
    <TimeCreated SystemTime="2014-04-02T19:09:08.225Z" />
    <EventRecordID>1676729</EventRecordID>
    <Correlation ActivityID="{90131653-B0A4-4FAF-A43C-7DF07CBC3332}" />
    <Execution ProcessID="11040" ThreadID="12384" />
    <Channel>Application</Channel>
    <Computer>sharepoint</Computer>
    <Security UserID="S-1-5-21-2280669542-4145173436-3058324265-4222" />
    </System>
    <EventData>
    <Data Name="string0">PWA/SDN</Data>
    </EventData>
    </Event>
    Log Name: Application
    Source: Microsoft-SharePoint Products-Project Server
    Date: 4/2/2014 2:09:08 PM
    Event ID: 6971
    Task Category: Provisioning
    Level: Error
    Keywords:
    User: DOMAIN\DB_Access
    Computer: sharepoint
    Description:
    Failed to provision site PWA/SDN with error: Microsoft.Office.Project.Server.Administration.ProvisionException: Failed to provision databases. ---> Microsoft.Office.Project.Server.Administration.ProvisionException: To create databases we need dbcreator and
    securityadmin server roles on servers.
    at Microsoft.Office.Project.Server.Administration.PsiServiceApplication.EnsureDatabases(ProjectProvisionSettings provset, SPSite pwaSite, String adminName, String adminEmail, ProjectDatabaseStateType& originalDatabaseState, Guid& adminGuid)
    --- End of inner exception stack trace ---
    at Microsoft.Office.Project.Server.Administration.PsiServiceApplication.EnsureDatabases(ProjectProvisionSettings provset, SPSite pwaSite, String adminName, String adminEmail, ProjectDatabaseStateType& originalDatabaseState, Guid& adminGuid)
    at Microsoft.Office.Project.Server.Administration.PsiServiceApplication.CreateSite(ProjectProvisionSettings provset)
    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
    <System>
    <Provider Name="Microsoft-SharePoint Products-Project Server" Guid="{b2178104-1b5b-4c20-8c8f-960678ced9e5}" />
    <EventID>6971</EventID>
    <Version>14</Version>
    <Level>2</Level>
    <Task>20</Task>
    <Opcode>0</Opcode>
    <Keywords>0x4000000000000000</Keywords>
    <TimeCreated SystemTime="2014-04-02T19:09:08.226Z" />
    <EventRecordID>1676730</EventRecordID>
    <Correlation ActivityID="{90131653-B0A4-4FAF-A43C-7DF07CBC3332}" />
    <Execution ProcessID="11040" ThreadID="12384" />
    <Channel>Application</Channel>
    <Computer>sharepoint</Computer>
    <Security UserID="S-1-5-21-2280669542-4145173436-3058324265-4222" />
    </System>
    <EventData>
    <Data Name="string0">PWA/SDN</Data>
    <Data Name="string1">Microsoft.Office.Project.Server.Administration.ProvisionException: Failed to provision databases. ---&gt; Microsoft.Office.Project.Server.Administration.ProvisionException: To create databases we need dbcreator and securityadmin
    server roles on servers.
    at Microsoft.Office.Project.Server.Administration.PsiServiceApplication.EnsureDatabases(ProjectProvisionSettings provset, SPSite pwaSite, String adminName, String adminEmail, ProjectDatabaseStateType&amp; originalDatabaseState, Guid&amp; adminGuid)
    --- End of inner exception stack trace ---
    at Microsoft.Office.Project.Server.Administration.PsiServiceApplication.EnsureDatabases(ProjectProvisionSettings provset, SPSite pwaSite, String adminName, String adminEmail, ProjectDatabaseStateType&amp; originalDatabaseState, Guid&amp; adminGuid)
    at Microsoft.Office.Project.Server.Administration.PsiServiceApplication.CreateSite(ProjectProvisionSettings provset)</Data>
    </EventData>
    </Event>
    Anybody ever get any events like this before? I'm not finding much or nothing on Google or on other forums, so I thought I would run it past and see if anyone has experienced anything of a similar
    nature. And yes, the farm account obviously has creator/secadmin permissions, at this point of our deployment....
    I look forward to any and all feedback. Thanks and good afternoon!

    I figured out the answer to this myself. For those few who might run into something akin to my error...
    During the off-hours of where I work, I re-applied the farm account credentials to all dB server VM SQL services that had the account for a log-on (i.e., MSSQLSERVER, SQLSERVERAGENT, etc.) as well as all SharePoint services on our WFE/App Server VM (a two
    server farm is what we host), in that order. Then I rebooted the dB server first, followed by the SharePoint server. Upon coming back, everything was working fine again. I was able to provision a site, no probelm, and it seemed to even be a little snappier
    when doing so.
    One note: doing this procedure gave me a "One or more services have started or stopped unexpectedly" error in the Health Analyzer, for the SPTimerV4 service. When you get this, simply enter into the item and click on "Reanalyze Now;" this will quickly clear
    the error out of the Analyzer, and all should be right with the world! :)

  • What are the limits of using windows internal database in RMS?

    hi,
    We dont have SQL server to use and opting to use windows internal database
    What are the limits of using windows internal database in RMS?
    tnx

    Hi,
    the main limitation is that you cannot access a SQL express from remote (even there are tricks to work around that), so you cannot add another machine to the RMS cluster. 
    Microsoft's recommendation for production systems is to use a full SQL server, what allows you clustering and running all sorts of maintenance tasks.
    Other than that SQL Express has a 10GB total limitation for all databases running on that server.
    See also http://technet.microsoft.com/en-us/library/dd772673(v=WS.10).aspx for RMS hardware and software requirements. 
    Hope that helps,
    Lutz

  • Remote connect to Windows Internal Database from another server

    Hello,
    I have a WSUS server which has Windows Internal Database installed. Now If I have to manage the database using SQL Server management studio, then I need to connect using the Server Name as \\.\pipe\MSSQL$MICROSOFT##SSEE\sql\query
    Now, if I want to connect to the server that has Windows Internal Database installed, but does not have SQL Server Management Studio installed, then how to connect?
    Please advice. Thanks in advance.
    Rajiv

    You can either install SQL Server management Studio or SQLCMD and then work with Windows Internal Database
    Both of these are freely downloadable from microsoft website.
    Please find the links for SQL 2014
    Management Studio
    http://www.microsoft.com/en-gb/download/details.aspx?id=42299
    You can download one of these based on 32/64bit
    MgmtStudio 32BIT\SQLManagementStudio_x86_ENU.exe
    MgmtStudio 64BIT\SQLManagementStudio_x64_ENU.exe
    SQLCMD
    http://www.microsoft.com/en-gb/download/details.aspx?id=29065
    Check the section  Microsoft® SQL Server® 2012 Command Line Utilities
    HTH
    Regards, Ashwin Menon My Blog - http:\\sqllearnings.com

  • Can we register newly built Seconday ACS 5.3 to Existing ACS 4.1

    We have a Existing ACS 4.1 as Primary and we have built a new ACS 5.3 . Can we register newly built  ACS 5.3  to Primary ACS 4.1  as a Secondary devices  

    No. ACS versions 4 and 5 are totally different. Version 4 was made under Microsoft Windows or for Windows but version 5 is Linux.

  • Server 2012: Windows Internal Database error during installation

    I am using the current RC build.
    While trying to install IPAM services, I am prompted to install a Windows Internal Database.
    However, setup consistently dies on me with an error that "The operation could not be completed, because the server that you specified requires a restart".
    OK, fine. I restart the server and start setup again and I get the error again. Anyone seen this before?

    Open up your domain group policy editor.
    Navigate to the Default Domain Policy
    Navigate to Policies -> Windows Settings -> Security Settings -> Local Policy -> User Rights Assignment
    Find the “Log on as a service” policy and edit it.
    Click on “Add user or group” button.
    Add the following users: NETWORK, NETWORK SERVICE, SERVICE
    Got to your Server 2012 machine and open an elevated command prompt.
    Type in: gpupdate /force. Wait for it to successfully complete
    Now try and install the WID .
    You should now have successfully completed the installation.
    This worked for me.  I created a GPO for the container that the server was in, and applied the users as you showed.  After a GPUPDATE /FORCE everything worked great, I was able to install the WID and then was able to install WSUS.
    Thank you for this help and greetings from the US.

  • How to config JDBC adapter for internal database

    Hi all,
    I have configured a scenario that sends data from PROXY to JDBC adapter, JDBC adapter connects to the internal database. The Proxy adapter is OK, but the Receiver JDBC adapter I really don't have any idea about it. Please let me know.
    The version, I am doing on it, is 7.1
    Thanks in advice.
    Ken.

    Hi ,
    Check in your message mapping after execution( Target Side)  -> Test Tab -> XML structure,
    it Should be like this/ in this format
    here action/ table/access : these tagname should not be changed.
    Enter the new column values in the <access> element.
    Enter exactly one <access>element.
    <StatementName>
         <dbTableName action=u201DINSERTu201D>
         <table>TableName</table>
          <access>
                 <col1>val1</col1>
                 <col2>val2</col2>
          </access>
         </dbTableName>
    </StatementName>
    Statement would be like this :
    INSERT INTO TableName  (col1, col2) VALUES(u2018val1u2019, u2018val2u2019)
    Regards
    Prabhat Sharma.

  • SQL error: Internal database error *** ERROR *** Assertion failed: 201501 (10.0.1.3415)

    A SQLA10 production database has been crashing at a customer site.
    Here's the error which displayed when I tried to unload the database...
    Unloading "DBA"."schedule_profile" into C:\resq\resqprod2\db\unload\719.dat (relative to server)
    Unloading "DBA"."schedules" into C:\resq\resqprod2\db\unload\720.dat (relative to server)
    ***** SQL error: Internal database error *** ERROR *** Assertion failed: 201501 (10.0.1.3415)
    Page for requested record not a table page or record not present on page -- transaction rolled back
    The database 'C:\resq\resqprod2\db\resqprod2.db' could not be unloaded.
    The database 'C:\resq\resqprod2\db\resqprod2.db' could not be unloaded.
    I think that backups may also have this error.
    Can the database be salvaged?
    Thank you,
    Doug

    Hi Doug,
    The error seems to be saying that a pointer is pointing to an invalid page.
    Actually, the assertion message is suggesting that we were scanning for a row (record) on a particular page where we expected to find it, and didn't - the table page is likely corrupt.
    Does a utility exist which would eliminate all pointers to invalid pages?
    No. If the database is corrupted, it is best to move to your database recovery procedure from a valid backup. See KBA 1959391 - How can a SQL Anywhere (stand alone) database be restored from a full or incremental backup?
    If you do not have a valid database backup but can still start and connect to the corrupted database (and it seems that you can), you can attempt to salvage the data out of the corrupted database tables manually to extract it to a new database (as Jinwoo suggested). See KBA 1959030 - How To Salvage Data When There are Corrupt Pages in the Database. Using -e to skip tables is appropriate and then trying to select the data that is not contained on invalid pages via the KBA instructions is your best option in this case.
    Does sap/sybase offer a recovery service?
    No, there is no such "recovery service" underneath SAP and any previous mentions of salvages were one-off contracts underneath Sybase Professional Services, and not a technical support service. These contracts are not available at SAP.
    This topic was discussed thoroughly on the SQL Anywhere forum ( http://sqlanywhere-forum.sap.com/ ) previously here and here.
    The prevention for this situation is to have properly validated backups, preferably in multiple backup generations to provide many opportunities for recovery. See: http://wiki.scn.sap.com/wiki/x/3QNcFg
    Regards,
    Jeff Albion
    SAP Active Global Support

  • Migrate WSUS/MS Internal database from 2005 express to 2012 express

    We are using WSUS 3 SP1 on a 2008r2 server and 2005 SQL Express to host the internal database. Is there anything I need to do to upgrade this to 2012 SQL Express? We have an application which is requiring 2012 Express as a minimum and would like everything
    under one package with separate database instances.

    Hi
    As Alberto’s post, it's not supported to run a Windows Server Update Services (WSUS) database on SQL Server 2012 in Server 2008 R2. Since your application requires SQL Server 2012 Express as a minimum, you can try the following method:
    1. WSUS in Server 2012 supports SQL Server 2012, if you want to upgrade WSUS database supports SQL Server 2012, you need to upgrade WSUS 3.0 SP1, operation system and so on. For more information, you can post the question about WSUS in the
    Windows Server forums. It is appropriate and more experts will assist you. In addition, upgrade SQL Server 2005 to SQL Server 2012, as Shanky’s post, you need to make sure that your SQL Server 2005 has been applied Service Pack 4.
    2. However, if you don’t want to upgrade WSUS database from SQL Server 2005 to SQL Server 2012, I recommend you to install a new instance of SQL Server 2012 on Windows Server 2008 R2.
    In addition, before installing SQL Server 2012 or upgrading to SQL Server 2012, your system should meets the following prerequisites:
      • The Windows Installer service must be running.
      • Microsoft .NET Framework 3.5 SP1 and .NET Framework 4.0 are required.
      • Windows PowerShell 2.0 or later is required if you're upgrading the database engine.
    For more information about the prerequisites for installing SQL Server 2012, please review the following link:
    Hardware and Software Requirements for Installing SQL Server 2012:
    http://msdn.microsoft.com/en-us/library/ms143506(v=sql.110).aspx
    Thanks
    Lydia Zhang

  • ACS 5.1 administrator authentication via AD

    Hi,
    We are migrating from ACS 3.3 to 5.1 - formerly we were able to configure ACS to use an external database for internal user passwords. Thus, in 3.3, we had AD users using a Windows database for their password and we were able to use our AD accounts to administer ACS.
    In 5.1, when viewing the "Accounts" under the System Administration dropdown, there appears to be only the ability to create internal accounts and use internal passwords. This is yet another password mechanism to track, enforce, and audit - it would be preferable to have the option to use our AD accounts to get around this. I've looked through the User and Identity stores and don't see an obvious way of making this work, and there is no mention of it in the documentation.
    Note that I am not talking about authenticating devices to Active Directory, this functions fine - I'm talking about the actual ACS system administrator / web authentication. Am I just missing the option?
    Thanks.

    Doug,
    The option you are looking for in not available in any  ACS 3.x/4.x / 5.x.
    ACS administrators are configrued  locally.
    Regards,
    ~JG
    Do  rate helpful posts

Maybe you are looking for