cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2714
Views
0
Helpful
5
Replies

External DB account restriction Error

coxendine
Level 1
Level 1

Can anyone tell me what the following ACS error means: "External DB account restriction". We're using ACS 3.0(3) for Windows NT/2000. I'm trying to access certain equipment within our network via https & telnet using AAA and I keep getting this error. I have been unable to find this specific error code on the Cisco Support Site. Thanks in advance for your help.

1 Accepted Solution

Accepted Solutions

gfullage
Cisco Employee
Cisco Employee

This usually means the NT account has some restrictions on it. Do you have "Grant Dialin permission to user" checked either under the NT user account and/or under the External User Database - NT/2000 - Configure section, they need to match.

check also that you don't have specific permissions set on the NT account like where they can login from, times they can login, etc, this is usually the culprit.

View solution in original post

5 Replies 5

r.vanwolferen
Level 1
Level 1

Hello,

can you give me the configuration of the device your telnetting to?

Is the error shown in ACS or as bebug message on the device?

Greetings,

Rene

I'm getting the same error - it's coming up in ACS.

gfullage
Cisco Employee
Cisco Employee

This usually means the NT account has some restrictions on it. Do you have "Grant Dialin permission to user" checked either under the NT user account and/or under the External User Database - NT/2000 - Configure section, they need to match.

check also that you don't have specific permissions set on the NT account like where they can login from, times they can login, etc, this is usually the culprit.

Thanks for all your help. This seems to have solved the issue.

We have a network with various ACS (appliance version 3.2) with a local DB and a central Agent(Cisco Secure ACS remote Agent) that collect the accounting logs.

We do not use an external DB but we have this Authentication failure code:

Authen-Failure-Code: External DB account Restriction

Thanks

Saverio