Hi there, I have setup ACS as TACACS server for login request for routers and switch. every time when try to access use the AD user account, it shows above errror, but the password is correct. if I use the account int the internal store there is no issue. following is the record from ACS monitoring and report:
... ... ....
Evaluating Identity Policy
Matched rule
Selected Identity Store - AD1
Current Identity Store does not support the authentication method; Skipping it.
TACACS+ will use the password prompt from global TACACS+ configuration.
Returned TACACS+ Authentication Reply
Received TACACS+ Authentication CONTINUE Request
Using previously selected Access Service
Identity Policy was evaluated before; Identity Sequence continuing
Authenticating user against Active Directory
User authentication against Active Directory failed since user has entered the wrong password
The advanced option that is configured for a failed authentication request is used.
The 'Reject' advanced option is configured in case of a failed authentication request.
Returned TACACS+ Authentication Reply
Evaluating Identity Policy
Matched rule
Selected Identity Store - AD1
Current Identity Store does not support the authentication method; Skipping it.
TACACS+ will use the password prompt from global TACACS+ configuration.
Returned TACACS+ Authentication Reply
Received TACACS+ Authentication CONTINUE Request
Using previously selected Access Service
Identity Policy was evaluated before; Identity Sequence continuing
Authenticating user against Active Directory
User authentication against Active Directory failed since user has entered the wrong password
The advanced option that is configured for a failed authentication request is used.
The 'Reject' advanced option is configured in case of a failed authentication request.
Returned TACACS+ Authentication Reply
Evaluating Identity Policy
Matched rule
Selected Identity Store - AD1
Current Identity Store does not support the authentication method; Skipping it.
TACACS+ will use the password prompt from global TACACS+ configuration.
Returned TACACS+ Authentication Reply
Received TACACS+ Authentication CONTINUE Request
Using previously selected Access Service
Identity Policy was evaluated before; Identity Sequence continuing
Authenticating user against Active Directory
User authentication against Active Directory failed since user has entered the wrong password
The advanced option that is configured for a failed authentication request is used.
The 'Reject' advanced option is configured in case of a failed authentication request.
Returned TACACS+ Authentication Reply
... ... ...
Please let me know if you have any suggestion. thanks in advance. Roy
