02-22-2015 11:24 PM - edited 03-10-2019 10:28 PM
Dear Experts,
I'm using Cisco ACS (RADIUS and TACACS+) to authenticate network devices in my network for administration. Everything works great, except that one of the devices accepts usernames of only 8 characters in length, so when I change the authentication method of this device to use TACACS+ and enter my username, which exceeds 8 characters, only the first 8 go to ACS, and since that doesn't exist in the users database, it will reject the authentication.
My username: 1234567890
When I authenticate using TACACS+, I can see 12345678 only...
Any suggestions, please? For example, is it possible to add a rule so that if ACS sees username "12345678" it adds "90", then checks the password and authenticates?
Thanks for the help in advance...
Amro
02-23-2015 01:32 AM
Network Configuration Prompts: http://www.cisco.com/c/en/us/td/docs/net_mgmt/cisco_secure_access_control_system/5-5/release/notes/acs_55_rn.html#61858

| Prompt | |
|---|---|
| Username | The name of the first administrative user. You can accept the default or enter a new username. Must be from 3 to 8 characters and must be alphanumeric (A-Z, a-z, 0-9). |
02-23-2015 09:27 PM
Thank you, Mohanak, for the reply, but I believe you misunderstood my problem, so I will try to explain it again.
Switch A's authentication method is TACACS via Cisco ACS, and Cisco ACS uses Active Directory.
My Username is: ABC1234567890
Switch A's limitation is that it doesn't accept a username with a length that exceeds 8 characters.
So when I want to log in to Switch A using my username (ABC1234567890), Switch A will strip the characters after the first 8, so it will take the username (ABC12345) only. Then it will send it to ACS, and ACS will check for this username, which doesn't exist, so it will not authenticate.
I hope this is clear now.
Regards,
Amro
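
The "add the missing characters" rule asked about above is only safe when exactly one directory account starts with the 8 characters the switch forwards. The sketch below is an added example, not part of the thread and not a Cisco ACS feature; it checks that condition over a constructed user list. The function names and the `DIRECTORY` list are hypothetical.

```python
from collections import defaultdict

MAX_LEN = 8  # number of characters the switch forwards, per the thread


def build_prefix_map(usernames, max_len=MAX_LEN):
    """Group full usernames by the truncated form the device would send.

    Keys are lower-cased because Active Directory logon names are
    case-insensitive.
    """
    groups = defaultdict(list)
    for name in usernames:
        groups[name[:max_len].lower()].append(name)
    return groups


def resolve(truncated, groups, max_len=MAX_LEN):
    """Return the one full username behind a truncated name, or None.

    None covers an unknown prefix and a prefix shared by several accounts;
    expanding a shared prefix would test the password against the wrong user.
    """
    if len(truncated) > max_len:
        return None
    candidates = groups.get(truncated.lower(), [])
    return candidates[0] if len(candidates) == 1 else None


def ambiguous_prefixes(groups):
    """Prefixes that map to more than one account and must not be expanded."""
    return {p: sorted(names) for p, names in groups.items() if len(names) > 1}


# Constructed sample directory (not real accounts).
DIRECTORY = ["ABC1234567890", "ABC1234599999", "jsmith", "netadmin01"]

if __name__ == "__main__":
    groups = build_prefix_map(DIRECTORY)
    for sent in ("ABC12345", "netadmin", "jsmith", "nobody"):
        print(f"{sent!r} -> {resolve(sent, groups)!r}")
    print("ambiguous:", ambiguous_prefixes(groups))
```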