AD username with blank space, authentication failure in ISE

rd1hamdaoui1 · ‎10-31-2018

Hi Guys Hope you're all doing well.

I have a problem when authentifying a user that have blank sapce in his AD username (like: bob stev), the username exists in the AD but is not authentified in ISE.

ognyan.totev · ‎10-31-2018

How you do the authentication what kind of protocols you use .Share some configuration with us to can help you

rd1hamdaoui1 · ‎10-31-2018

Hi,

Im using DOT1X

ognyan.totev · ‎10-31-2018

Hi again , dot1x can be many things , Did you test you AD from where you did your connection to AD . I'cant help if you are not more detailed. Dot1x can be use MSCHAPv2 EAP ,PEAP,EAP-TLS

rd1hamdaoui1 · ‎10-31-2018

Hey, Thank you for your help,
we're using EAP-TLS.

hslai · ‎10-31-2018

Need info on how the cert auth profile configuration, beside ISE version number and patch level. The specific field and attribute that contains the space character.

Also, try and see whether it working with "Test User Authentication". I tried it successfully with "Dr Smith", which is the Display Name, the cn (common name), and the sAMAccountName. It did fail the lookup after I removed the space from the field "User logon name (pre-Windows 2000)", which updated the sAMAccountName, while OK if by distinguishedName.