Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
2724
Views
0
Helpful
5
Replies

AD username with blank space, authentication failure in ISE

rd1hamdaoui1
Level 1
Level 1

‎10-31-2018 02:01 AM - edited ‎10-31-2018 02:05 AM

Hi Guys Hope you're all doing well.

 

I have a problem when authentifying a user that have blank sapce in his AD username (like: bob stev), the username exists in the AD but is not authentified in ISE.

 

0 Helpful
5 Replies 5

ognyan.totev
Level 5
Level 5

‎10-31-2018 02:13 AM

How you do the authentication what kind of protocols you use .Share some configuration with us to can help you

0 Helpful

rd1hamdaoui1
Level 1
Level 1
In response to ognyan.totev

‎10-31-2018 06:01 AM

Hi,

Im using DOT1X

0 Helpful

ognyan.totev
Level 5
Level 5
In response to rd1hamdaoui1

‎10-31-2018 06:06 AM

Hi again , dot1x can be many things , Did you test you AD from where you did your connection to AD . I'cant help if you are not more detailed. Dot1x can be use MSCHAPv2 EAP ,PEAP,EAP-TLS

0 Helpful

rd1hamdaoui1
Level 1
Level 1
In response to ognyan.totev

‎10-31-2018 07:01 AM

Hey, Thank you for your help,
we're using EAP-TLS.
0 Helpful

hslai
Cisco Employee
Cisco Employee
In response to rd1hamdaoui1

‎10-31-2018 02:11 PM

Need info on how the cert auth profile configuration, beside ISE version number and patch level. The specific field and attribute that contains the space character.

Also, try and see whether it working with "Test User Authentication". I tried it successfully with "Dr Smith", which is the Display Name, the cn (common name), and the sAMAccountName. It did fail the lookup after I removed the space from the field "User logon name (pre-Windows 2000)", which updated the sAMAccountName, while OK if by distinguishedName.

Screen Shot 2018-10-31 at 2.02.12 PM.png

0 Helpful
Customers Also Viewed These Support Documents
Top