cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1520
Views
0
Helpful
3
Replies

CS ACS 3.0 won't authenticate users that have logon to restriction in NT

rob.wright
Level 1
Level 1

We have an NT BDC in the accounts domain running CS ACS v3.01 build 5. ACS authenticates users fine as long as they are not setup with the Windows User Manager Logon To restriction. For those users it simply fails with the error Workstation not allowed.

Each user that has the logon restriction has their own workstation name and the ACS servers name in the list. This used to work fine in ACS v2.4.

Any suggestions would be greatly appreciated. This failure is impacting a delivery date of a larger project.

Thanks.

3 Replies 3

fmeetz
Level 4
Level 4

Sounds like there may be a glitch with that version of ACS. Your best bet would be to contact Cisco directly to get a solution.

rob.wright
Level 1
Level 1

Thanks for the replies, the solution is to put CISCO as a workstation name in the Logon to fields under User Manager. The actual ACS server name is no longer required.

We could not find this in any documentation and had to place a call with Cisco support.

m-haroon
Level 1
Level 1

In user manager domain , there is option to allow user to dialin . when you forward authentication to NT Domain Controllers , if users are not allowed to dialin , Cisco Secure will not authenticated .

I hope it will work