AD username with blank space, authentication failure in ISE

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-31-2018 02:01 AM - edited 10-31-2018 02:05 AM
Hi Guys Hope you're all doing well.
I have a problem when authentifying a user that have blank sapce in his AD username (like: bob stev), the username exists in the AD but is not authentified in ISE.
- Labels:
-
Identity Services Engine (ISE)

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-31-2018 02:13 AM
How you do the authentication what kind of protocols you use .Share some configuration with us to can help you
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-31-2018 06:01 AM
Hi,
Im using DOT1X
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-31-2018 06:06 AM
Hi again , dot1x can be many things , Did you test you AD from where you did your connection to AD . I'cant help if you are not more detailed. Dot1x can be use MSCHAPv2 EAP ,PEAP,EAP-TLS
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-31-2018 07:01 AM
we're using EAP-TLS.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-31-2018 02:11 PM
Need info on how the cert auth profile configuration, beside ISE version number and patch level. The specific field and attribute that contains the space character.
Also, try and see whether it working with "Test User Authentication". I tried it successfully with "Dr Smith", which is the Display Name, the cn (common name), and the sAMAccountName. It did fail the lookup after I removed the space from the field "User logon name (pre-Windows 2000)", which updated the sAMAccountName, while OK if by distinguishedName.
