'Could not find user' with EAP-TLS in ACS
11-01-2010 04:45 AM - edited 03-10-2019 05:32 PM
Hi all,
We are running ACS 4.2(1) Build 15 on a Win2003 member server and use the ACS for EAP-TLS with certificates (Microsoft-PKI) for WLAN authentication (WLC 4402, 6.0 and 4.2). We are using both machine and user authentication.
Sometimes machine authentications fail with the following message in AUTH.log:
AUTH 11/01/2010 09:11:28 E 1395 1904 0x31cb External DB [NTAuthenDLL.dll]: Could not find user host/<xxxxxxxx>.com (0x5012)
But some minutes/hours later the same machine can authenticate successfully. Other machines never have this problem; no problems at all with user authentications.
Does anyone have an idea where I can proceed with troubleshooting? I haven't found any related messages in server event logs. Are there any other logs where I can find reasons for these problems that are occurring only sometimes?
Thanks
Kai
11-01-2010 09:15 AM
AUTH.log and RDS.log are the two log files you need to look into on the ACS side. Make sure the log level is set to "Full".
You might need to check the log on the AD side to see why it could not find this host.
Comparing the logs between the working and non-working cases might be helpful.
