[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Domain ACSAdmin

Posted on 2015-02-12
3
Medium Priority
?
197 Views
Last Modified: 2015-02-12
I was reviewing groups in Active Directory and ran across ACSAdmin/Users/Guest Security groups.  Google searches don't turn up anything that describes these AD accounts.

What are these accounts?  Are they from legacy NT environments?  What do I need to know about these groups in general?
0
Comment
Question by:cobmo
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 40605936
This is definitely not a Built-in Group in Active Directory. I have done a search and it appears that it relates to Cisco Admin account/group. This was probably created to have active directory authentication. See link below...
http://www.cisco.com/c/en/us/td/docs/net_mgmt/cisco_secure_access_control_system/5-4/user/guide/acsuserguide/admin_admin.html

Also see additional link
http://www.ciscopress.com/articles/article.asp?p=1678922


Will.
0
 

Author Comment

by:cobmo
ID: 40605950
We did have a Cisco ASA a couple of years ago and used a client gui install from an Admin workstation.  If there are no Cisco devices on the network, I assume it would be ok to remove users from the groups and deleting them after a couple of days?  I guess leaving them wouldn't matter if they had no members.
0
 
LVL 53

Accepted Solution

by:
Will Szymkowski earned 2000 total points
ID: 40605965
That is correct. These groups were probably created manually. You can verify this using the below command.

get-adgroup -identity <groupname> -properties whencreated | fl

Open in new window


Are there any users in these groups? If there are what you could do as a test is removed them from the group (see if they complain about access) if they do add them back to the group and don't delete it. If you don't hear anything for a week or so you can remove the group.

Will.
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Here's a look at newsworthy articles and community happenings during the last month.
Microsoft Office 365 is a subscriptions based service which includes services like Exchange Online and Skype for business Online. These services integrate with Microsoft's online version of Active Directory called Azure Active Directory.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…
Suggested Courses

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question