Cisco ISE (Authentication failed: 24415 User authentication against Active Directory failed since user's account is locked out)

Tabish Mirza
Level 1

Hi,

I have an ISE 1.1.1 setup. Users are getting authenticated against AD. Everything is working fine except some users report disconnection. I see in the ISE that (Authentication failed: 24415 User authentication against Active Directory failed since user's account is locked out). Users are using Windows 7 OS.

Error is enclosed & here is the port configuration.

Port Configuration.

interface GigabitEthernet0/2
 switchport access vlan 120
 switchport mode access
 switchport voice vlan 121
 authentication event fail action next-method
 authentication event server dead action reinitialize vlan 120
 authentication event server alive action reinitialize
 authentication host-mode multi-auth
 authentication order mab dot1x
 authentication priority dot1x mab
 authentication port-control auto
 authentication periodic
 authentication timer reauthenticate server
 mab
 dot1x pae authenticator
 dot1x timeout tx-period 60
 spanning-tree portfast
 ip dhcp snooping limit rate 30

Please help.

3 Replies

Tarik Admani
VIP Alumni

Are all the users on the same switch experiencing this issue? You may want to double-check the shared secret.

Thanks,

Tarik Admani
*Please rate helpful posts*

No, only a subset of users are getting this issue. The rest are working fine.

Sent from Cisco Technical Support iPhone App

The error message means that the Active Directory server rejected the authentication attempt because, for some reason, the user account got locked. I guess you should ask your AD team to check in the AD event logs why the user account got locked.

Under Event Viewer, you can find it out.


Regards
Minakshi (Do rate the helpful posts)
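
The event-log check suggested in the last reply, as an added example that is not part of the original thread: a PowerShell script that lists Windows Security event 4740 (account lockout) entries and summarizes them per user and caller computer. It assumes it runs on a domain controller with read access to the Security log and that user account management auditing is enabled; the `$Hours` and `$User` parameters are hypothetical names.

```powershell
# Added example, not from the thread. Assumptions: run on a domain controller
# (ideally the PDC emulator) with rights to read the Security log, and
# "Audit User Account Management" enabled so event 4740 is recorded.
param(
    [int]$Hours = 24,       # look-back window (hypothetical default)
    [string]$User = '*'     # sAMAccountName filter, wildcards allowed
)

$filter = @{
    LogName   = 'Security'
    Id        = 4740        # "A user account was locked out"
    StartTime = (Get-Date).AddHours(-$Hours)
}

# Get-WinEvent raises an error when nothing matches, so suppress and test.
$events = Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue
if (-not $events) {
    Write-Warning "No 4740 events in the last $Hours hour(s) on $env:COMPUTERNAME."
    return
}

$lockouts = foreach ($e in $events) {
    # Read fields by name from the event XML rather than by position.
    $data = @{}
    foreach ($d in ([xml]$e.ToXml()).Event.EventData.Data) {
        $data[$d.Name] = $d.'#text'
    }
    [pscustomobject]@{
        Time           = $e.TimeCreated
        User           = $data['TargetUserName']
        # In event 4740 the TargetDomainName field holds the caller computer name.
        CallerComputer = $data['TargetDomainName']
        LoggedOn       = $e.MachineName
    }
}

# Summarize: which account was locked, from which caller, how often, and when last.
$lockouts |
    Where-Object { $_.User -like $User } |
    Group-Object User, CallerComputer |
    Sort-Object Count -Descending |
    Select-Object Count, Name,
        @{ n = 'LastLockout'; e = { ($_.Group | Sort-Object Time | Select-Object -Last 1).Time } }
```

Comparing the `LastLockout` times with the timestamps of the 24415 failures in ISE shows whether the lockouts line up with the reported disconnections.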