Re: ACS5.1, unable to authenticate AD user with empty password

rudenko.alexander · ‎05-31-2011

Hello Everyone

Our customer has the business needs to authenticate remote users against AD with empty password. I've seen ACS5.1 release note where mentioned about resolved issue:

CSCte72751

ACS 5.1 drops authentication with empty password.

I tried to authenticate dial-in users through Tacacs and Radius against AD with empty password but without success. ACS points to wrong AD password.

Does anyone know it is possible to authneticate remote users with empty password?

Regards,

Tarik Admani · ‎05-31-2011

Hi,

The issue has been resolved in patch 3 - http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.1/release/notes/acs_51_rn.html#wp153195 - so upgrade the ACS to patch 3 (or maybe the latest patch). This has the bug fix that you are looking for.

Thanks,

Tarik

rudenko.alexander · ‎06-01-2011

Hi,

Many thanks for your reply.

I've patched ACS to version 3 already, but result is same.

You may see sh version output below:

acs1/admin# sh ver

Cisco Application Deployment Engine OS Release: 1.2
ADE-OS Build Version: 1.2.0.152
ADE-OS System Architecture: i386

Version information of installed applications
---------------------------------------------

Cisco ACS VERSION INFORMATION
-----------------------------
Version : 5.1.0.44.5
Internal Build ID : B.2347
Patches :
5.1.0.44.1
5.1.0.44.2
5.1.0.44.3
5.1.0.44.4
5.1.0.44.5

Tarik Admani · ‎06-02-2011

Thanks for the update,

Please open a TAC case to have us take a look.

thanks,

Tarik