IDSMC 2.0.1 and ACS 3.3 authentication/authorization issue

twilcox · ‎03-02-2005

We're experiencing authentication/authorization issues from IDSMC 2.0.1 and ACS 3.3. It worked fine until we upgraded from IDSMC 1.2.3 to 2.0.1. We've been through the release notes, and Employing ACS with IDSMC "Appendix C".

ACS 3.3 simply reports "Bad Request". The IDSMC reports "authentication error 501 ...".

Authentication for CW2000 (VMS) is fine however.

We have a TAC Case open but just want to see if anyone else has or is experiencing this same issue.

Best regards,

Tom

umedryk · ‎03-10-2005

You might be hitting a bug there, best option for now is to downgrade back

twilcox · ‎03-10-2005

We went back and tested it in our lab and got it working with Network Devices Groups and with individual devices and users.

For some reason, we still have problems in our production implementation that we are trying to figure out. The error message we keep getting is "BAD Request from NAS" in the failed login file on ACS 3.3. It seems like ACS 3.3 just doesn't understand what VMS 2.3 is sending it.

Guess what? We just got it working!! Working with our ACS admin it looks like we needed to add the ACS server and the VMS client into the same device group; this is how I had it setup in the lab according to the documentation.

Hope this helps. BTW, there is some nice granularity that this adds to access privileges on the IDS devices.