Solved: WLC login with ACS5.3

Richard Bradfield · ‎09-10-2012

I have similar problem to the post below

https://supportforums.cisco.com/message/3542889#3542889

tried the fixes but does not work for me.

what privilege level should be set in the shell command common task attributes?

I would have thought 2 Cisco products would talk to each other ok! Is there a proper fix from Cisco for this?

it works with ACS4.1so what's the difference

Amjad Abdullah · ‎09-11-2012

it must be role1 not role-1

just like this:

HTH

Amjad

Rating useful replies is more useful than saying "Thank you"

View solution in original post

Tarik Admani · ‎09-10-2012

This should work fine, so you made sure that there isnt a leading before the ALL value. If you look at it in the shell profile, it will not be there, you will have to rebuild the attribute, do not edit, but delete and reenter it.

Can you send me a screenshot of the shell profile that you configured.

Thanks,

Tarik Admani
*Please rate helpful posts*

Richard Bradfield · ‎09-10-2012

Tarik,

do I have to set any privilege levels?

here is the screen shot

as Capture .jpg

Amjad Abdullah · ‎09-10-2012

value "ALL" must be capital letters.

Rating useful replies is more useful than saying "Thank you"

Richard Bradfield · ‎09-11-2012

still no good,

here is debug

*tplusTransportThread: Sep 11 16:57:16.214: arg[0] = [10][role-1=ALL]

*tplusTransportThread: Sep 11 16:57:16.214:
Incorrectly formatted authorization message
*tplusTransportThread: Sep 11 16:57:21.427: Forwarding request to 172.17.6.175 p ort=49

*tplusTransportThread: Sep 11 16:57:21.547: tplus auth response: type=1 seq_no=2 session_id=8716f42c length=16 encrypted=0

*tplusTransportThread: Sep 11 16:57:21.547: TPLUS_AUTHEN_STATUS_GETPASS

*tplusTransportThread: Sep 11 16:57:21.547: auth_cont get_pass reply: pkt_length =24

*tplusTransportThread: Sep 11 16:57:21.547: processTplusAuthResponse: Continue auth transaction
*tplusTransportThread: Sep 11 16:57:21.603: tplus auth response: type=1 seq_no=4 session_id=8716f42c length=6 encrypted=0

*tplusTransportThread: Sep 11 16:57:21.603: tplus_make_author_request() from tpl us_authen_passed returns rc=0

*tplusTransportThread: Sep 11 16:57:21.603: Forwarding request to 172.17.6.175 port=49

*tplusTransportThread: Sep 11 16:57:21.701: author response body: status=1 arg_cn t=1 msg_len=0 data_len=0

*tplusTransportThread: Sep 11 16:57:21.701: arg[0] = [10][role-1=ALL]

Amjad Abdullah · ‎09-11-2012

it must be role1 not role-1

just like this:

HTH

Amjad

Rating useful replies is more useful than saying "Thank you"

Richard Bradfield · ‎09-11-2012

thanks for that

I didn't know it was so pedantic!

Amjad Abdullah · ‎09-11-2012

ya you need to be very carful about that.

Glad that your issue is now resovled.

Rating useful replies is more useful than saying "Thank you"