
ACS V3.0 and UPN logon name

lldemeyer
Level 1

We have ACS V3.0 on Win2000 Server (AD) & WinXP client. The client is configured for LEAP + 'Use windows user name and password' setting.

-> When using the pre-Win2000 usernames, authentication is OK. Ex.: username: hpgedadm

-> When using the UPN (user principal name) logon names, the authentication fails.

Ex.: username: dirk.geenen.admin@interbrew.net

On the ACS server the Authentication-failure code: Radius extension DLL rejected user

On the Windows 2000 AD no corresponding authentication failure is seen in the event logging. So apparently the ACS RADIUS server has a problem with UPNs. Is there a setting, or is this not supported on V3.0, or..?

Thanks,

Luc.

1 Reply

yusuff
Cisco Employee

Cisco Secure ACS does not support the user@domain (UPN) format of qualified usernames when authenticating users with Windows user databases of any type, including local and domain SAM databases and Active Directory databases.

http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/acs31/acsuser/d.htm#71627

R/Yusuf