Solved

Domain ACSAdmin

Posted on 2015-02-12
3
139 Views
Last Modified: 2015-02-12
I was reviewing groups in Active Directory and ran across ACSAdmin/Users/Guest Security groups.  Google searches don't turn up anything that describes these AD accounts.

What are these accounts?  Are they from legacy NT environments?  What do I need to know about these groups in general?
0
Comment
Question by:cobmo
  • 2
3 Comments
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 40605936
This is definitely not a Built-in Group in Active Directory. I have done a search and it appears that it relates to Cisco Admin account/group. This was probably created to have active directory authentication. See link below...
http://www.cisco.com/c/en/us/td/docs/net_mgmt/cisco_secure_access_control_system/5-4/user/guide/acsuserguide/admin_admin.html

Also see additional link
http://www.ciscopress.com/articles/article.asp?p=1678922


Will.
0
 

Author Comment

by:cobmo
ID: 40605950
We did have a Cisco ASA a couple of years ago and used a client gui install from an Admin workstation.  If there are no Cisco devices on the network, I assume it would be ok to remove users from the groups and deleting them after a couple of days?  I guess leaving them wouldn't matter if they had no members.
0
 
LVL 53

Accepted Solution

by:
Will Szymkowski earned 500 total points
ID: 40605965
That is correct. These groups were probably created manually. You can verify this using the below command.

get-adgroup -identity <groupname> -properties whencreated | fl

Open in new window


Are there any users in these groups? If there are what you could do as a test is removed them from the group (see if they complain about access) if they do add them back to the group and don't delete it. If you don't hear anything for a week or so you can remove the group.

Will.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

I know all systems administrator at some time or another has had to create a script to copy file from a server share to a desktop. Well now there is an easy way to do this in Group Policy. Using Group policy preferences is not hard. The first thing …
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now