Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4007
Views
0
Helpful
1
Replies

ACS 5.2 - Machine certificate authentication

ThibaultMean
Level 1
Level 1

‎05-24-2011 08:19 AM - edited ‎03-10-2019 06:06 PM

Hello,

Is there a way to authenticate a windows computer in ACS 5.2 for 802.1x only with a certificate.

The Computer is from a different active directory than the one that is configured in ACS.

I tried importing the cert into "external indentity Stores" > "certificate authorities", then setup the computer to use smart card or certificate, then selected the certificate from the other AD.

when i look at the ACS log, here is the message i can see  :

22044 Identity policy result is configured for certificate based authentication methods but received password based

Any idea?

Regards.

Labels:
0 Helpful
1 Reply 1

jrabinow
Level 7
Level 7

‎05-24-2011 09:26 AM

The result of an identity policy can reference results of one of the following kinds

- identity store (for password based authentication)

- certificate authentication profile (for certificate based authentication)

The error you are seeing is when a password based authentication request is received but the result of the selected identity policy is a certificate authentication profile

If you want the identity policy to support both methods I think what you need to do is create an identity sequence. (Users and Identity Stores >Identity Store Sequences > Create)

- Select "Certificate Based" option and then the Certificate Authentication Profile

- Select "Password Based" and then the identity stores to be used for authentication

Then select the identity sequence as the result in the identity policy

0 Helpful
Customers Also Viewed These Support Documents