01-10-2012 12:47 AM - edited 03-10-2019 06:42 PM
Good Evening. I have problem with ACS 4.2 and AD, on autification on PC i have an internal error. In RDS.log i have that line:
Error UDB_NT_UNKNOWN_ERR authenticating (DOMAIN)\(USERNAME) - no response sent to NAS
I already checked physhic layer problems, switch configured dot1x, ciscosecure remote agent installed.
Solved! Go to Solution.
01-10-2012 07:55 AM
Hello,
Is the Auth.log file also reporting "Windows authentication FAILED (error 6L)" for the same RDS timestamps/failure?
Also, which ACS version (Include Patch) are you using? Are you authenticating against Windows Server 2003 or 2008 or 2008 R2 AD?
NOTE: Remember that 2008 R2 AD is not supported by any ACS 4.x version.
Also verify that you have complied with the following requirements:
Verify which one applies for you as there are two options: Windows Member Server or Windows Domain Controller.
Regards.
01-10-2012 07:55 AM
Hello,
Is the Auth.log file also reporting "Windows authentication FAILED (error 6L)" for the same RDS timestamps/failure?
Also, which ACS version (Include Patch) are you using? Are you authenticating against Windows Server 2003 or 2008 or 2008 R2 AD?
NOTE: Remember that 2008 R2 AD is not supported by any ACS 4.x version.
Also verify that you have complied with the following requirements:
Verify which one applies for you as there are two options: Windows Member Server or Windows Domain Controller.
Regards.
01-10-2012 07:14 PM
Hello. Yes, In auth.log i have following messages:
AUTH 01/11/2012 09:09:09 E 6028 0836 0x0 AllocateThread returned 3
AUTH 01/11/2012 09:09:09 A 5821 4432 0x1530 Worker 3 established conn 9318 with 127.0.0.1:49600
AUTH 01/11/2012 09:09:09 E 1810 4432 0x1533 External DB [NTAuthenDLL.dll]: Windows authentication FAILED (error 6L)
AUTH 01/11/2012 09:09:22 E 1810 4432 0x1535 External DB [NTAuthenDLL.dll]: Windows authentication FAILED (error 6L)
I use Windows Server 2008 SP2. I can't open you link to requirements, i get error 403.
Thank You!
01-10-2012 08:42 PM
Hello,
The Windows authentication FAILED (error 6L) usually refers to permissions errors. The Remote Agent software/service might not have enough privileges to authenticate Windows Accounts. In that case you might want to refer to the attached document, sections "Configuring for Domain Controllers Authentication" or "Configuring for Member Server Authentication". You should check the one that applies for your installation depending if the RA is installed on a Member Server or Domain Controller on your AD Domain.
Also, remember that Windows Authentication for AD Domains running Windows Server 2008 was included on ACS 4.2.0.124 Patch or above. As a recommendation, an upgrade to 4.2.1.15 latest patch would be the best approach. If the issue persists after the upgrade you might need to check the attached document Post-Installation Tasks under the sections mentioned above.
Regards.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide