cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1275
Views
0
Helpful
1
Replies

ASC1120 and AD issue

20vek
Level 1
Level 1

Hello Everyone. I wonder if some one already experienced the same problem. I have ASC1120

appliance paired with active directory. The authentication works fine using PAP

but when I enable password management on ASA5550 firewall it switches to MSCHAP2 and authentication fails with the following error:

24444 Active Directory operation has failed because of an unforseen error

Any help is appreciated...

1 Reply 1

Jatin Katyal
Cisco Employee
Cisco Employee

20vek,


As its working with PAP and not working with MSchap there could be two reasons;


1.] Mschapv2 is not allowed on ACS  >> access policies >> default network access >> allowed protocols >> Allow Mschapv2


Please attach the full failed attempts from ACS in your next reply.


2.] You are running ACS 5.0


This was a bug in earlier release but actually applicable for PAP

CSCta05652    Active Directory operation has failed because of an unforseen error


HTH


Rgds,

JK


Do rate helpul posts-

~Jatin