24408 User authentication against Active Directory failed since user has entered the wrong password
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-22-2012 10:52 PM - edited 03-07-2019 08:29 AM
Hi there, I have setup ACS as TACACS server for login request for routers and switch. every time when try to access use the AD user account, it shows above errror, but the password is correct. if I use the account int the internal store there is no issue. following is the record from ACS monitoring and report:
... ... ....
Matched rule
Selected Identity Store - AD1
Current Identity Store does not support the authentication method; Skipping it.
TACACS+ will use the password prompt from global TACACS+ configuration.
Returned TACACS+ Authentication Reply
Received TACACS+ Authentication CONTINUE Request
Using previously selected Access Service
Identity Policy was evaluated before; Identity Sequence continuing
Authenticating user against Active Directory
User authentication against Active Directory failed since user has entered the wrong password
The advanced option that is configured for a failed authentication request is used.
The 'Reject' advanced option is configured in case of a failed authentication request.
Returned TACACS+ Authentication ReplyEvaluating Identity Policy
Matched rule
Selected Identity Store - AD1
Current Identity Store does not support the authentication method; Skipping it.
TACACS+ will use the password prompt from global TACACS+ configuration.
Returned TACACS+ Authentication Reply
Received TACACS+ Authentication CONTINUE Request
Using previously selected Access Service
Identity Policy was evaluated before; Identity Sequence continuing
Authenticating user against Active Directory
User authentication against Active Directory failed since user has entered the wrong password
The advanced option that is configured for a failed authentication request is used.
The 'Reject' advanced option is configured in case of a failed authentication request.
Returned TACACS+ Authentication Reply
Evaluating Identity Policy
Matched rule
Selected Identity Store - AD1
Current Identity Store does not support the authentication method; Skipping it.
TACACS+ will use the password prompt from global TACACS+ configuration.
Returned TACACS+ Authentication Reply
Received TACACS+ Authentication CONTINUE Request
Using previously selected Access Service
Identity Policy was evaluated before; Identity Sequence continuing
Authenticating user against Active Directory
User authentication against Active Directory failed since user has entered the wrong password
The advanced option that is configured for a failed authentication request is used.
The 'Reject' advanced option is configured in case of a failed authentication request.
Returned TACACS+ Authentication Reply
... ... ...
Please let me know if you have any suggestion. thanks in advance. Roy
- Labels:
-
Other Switching
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-27-2020 08:20 AM
We need create same username ( as the one in AD), on the internal acs identity.
The password option "Password Type" select AD1.
That all!
