I do not know if this is a stupid question or not; anyway, it stresses me a lot because of the complexity of the project.
I need to implement, in a very short time, Cisco ACS 3.0 with Windows 2000 Active Directory authentication for users.
1. Description of the network:
My network is large: 5000 Windows users (Windows 98, 2000, XP), multiple Windows 2000-2003 Domain Controllers, Cisco 2950 switches, different models of Cisco routers, PIX.
2. What is desired:
By implementing this piece of software from Cisco, the network administrators will be able to log in from the internal LAN and from outside (using dial-up, VPN, etc.) to the network equipment (switches, routers, PIX) with their own Windows 2000 domain password and make different modifications to the configurations of these devices.
3. The problems:
a) I do not have much experience in configuring a TACACS+ server and RADIUS.
b) The Cisco product CD contains very little good documentation about what a possible architecture for this solution could be in this case.
4. What I need:
a) Some advice from people who have implemented this kind of solution.
b) Where can I find some basic documentation about how the authentication process works for a user who wants to access a switch, for example, through ACS 3.0?
c) What are the basic hardware elements for deploying an ACS architecture?
d) Anything else that can help me.
Thank you very much.