https://community.cisco.com/t5/network-access-control/authentication-with-active-directory/m-p/908064#M407751 <P>Hi!</P><P></P><P>I'm using PEAP authentication with the Active Directory. I have Cisco Secure ACS 4 and Cisco Aironet 1230 APs. The users use their Windows account to log in, but when I change the password in the AD the password doesnt change in the Secure. Anybody knows if if this possible and how can I do these passwords be updated in the Secure database?</P><P></P><P>]Thanks</P> Sun, 10 Mar 2019 22:38:47 GMT gustavo.pena 2019-03-10T22:38:47Z https://community.cisco.com/t5/network-access-control/authentication-with-active-directory/m-p/908064#M407751 <P>Hi!</P><P></P><P>I'm using PEAP authentication with the Active Directory. I have Cisco Secure ACS 4 and Cisco Aironet 1230 APs. The users use their Windows account to log in, but when I change the password in the AD the password doesnt change in the Secure. Anybody knows if if this possible and how can I do these passwords be updated in the Secure database?</P><P></P><P>]Thanks</P> Sun, 10 Mar 2019 22:38:47 GMT https://community.cisco.com/t5/network-access-control/authentication-with-active-directory/m-p/908064#M407751 gustavo.pena 2019-03-10T22:38:47Z https://community.cisco.com/t5/network-access-control/authentication-with-active-directory/m-p/908065#M407753 <HTML><HEAD></HEAD><BODY><P>4.3 ACS CONFIGURATION STEPS:</P><P> </P><P></P><P>The new window will be come and click on next</P><P></P><P> </P><P> </P><P></P><P></P><P> </P><P></P><P></P><P> </P><P></P><P></P><P></P><P></P><P> </P><P> </P><P> </P><P></P><P></P><P></P><P></P><P></P><P></P><P></P><P></P><P></P><P></P><P></P><P></P><P></P><P></P><P></P><P> </P><P></P><P> </P><P></P><P>Log in to the Cisco ACS </P><P></P><P></P><P></P><P></P><P> </P><P></P><P>Select the ACS admin from web browser</P><P></P><P></P><P></P><P></P><P></P><P></P><P></P><P></P><P></P><P></P><P></P><P></P><P></P><P></P><P>Click on administration control:-</P><P> </P><P>Add administrator and grant all permissions with account never expire and submit it </P><P></P><P>In network configuration add AAA client:-</P><P> </P><P>Give the IP address of AAA client (ACCESS POINT) with the secret shared key between AAA and ACS</P><P> </P><P></P><P>Give the Ip address, shared Key and encryption key (length is 26bits).</P><P>1. And select the RADIUS (Cisco Aironet) in the field authenticates using.</P><P> </P><P></P><P>1. Select the Global Authentication setup for LEAP (LIEGHTWIEGHT EXTENSIBLE AUTHENTICATION PROTOCAL)</P><P></P><P> </P><P>2. Select system configuration and select the leap, allow eap-mds.</P><P>3. Select the field MS-CHAP version 1 and 2.</P><P>4. Select the external user database for windows database (Active Directory users)</P><P> </P><P>1. Select the external user database.</P><P> </P><P>2. In that select the file windows database </P><P> </P><P>In external user database under database group mapping:-windows database -</P><P>Select the domain to be mapped which contain database.</P><P> </P><P>Add mapping:-</P><P> </P><P>3. Select the field administrators in external database </P><P> </P><P> </P><P></P><P></P><P></P><P></P><P></P><P></P><P></P><P></P><P></P><P></P><P></P><P></P><P></P><P>Configuration steps for access point:</P><P></P><P>1. Select the static wep key and give the key length should be 128 bits only.</P><P>2. Give the IP address and shared secret.</P><P>3. Configure ssid&amp;vlan</P><P>4. Configure server manager </P><P></P><P> </P><P></P><P></P><P></P><P> </P><P>Configure SSID</P><P></P><P></P><P></P><P></P><P> CONFIGURE THE ENCRYPTION MANAGER IN AP</P><P></P><P></P><P></P><P></P><P> </P><P> CONFIGURE SERVER MANAGER IN AP</P><P></P><P>THANK </P><P></P></BODY></HTML> Fri, 08 Feb 2008 10:26:13 GMT https://community.cisco.com/t5/network-access-control/authentication-with-active-directory/m-p/908065#M407753 naveen999 2008-02-08T10:26:13Z https://community.cisco.com/t5/network-access-control/authentication-with-active-directory/m-p/908066#M407755 <HTML><HEAD></HEAD><BODY><P>I think it will be easier to configure a Radius server. As what I have seen Radius works better.</P></BODY></HTML> Fri, 08 Feb 2008 12:38:03 GMT https://community.cisco.com/t5/network-access-control/authentication-with-active-directory/m-p/908066#M407755 tbrinkma 2008-02-08T12:38:03Z