Re: Cisco Wireless controller 2504 MAC authentication by NPS Server

Genesis Cisco · ‎09-17-2021

Hi Everyone,

We have WLC 2504 and SSID authentication use MAC Address, we create account on AD Server use upper-case letter(AABBCCDDEEFF), anthentication will be reject, but use lower-case letter(aabbccddeeff), that will be successful.
Have anyone knows the reason?

WLC 2504 Version is 8.5.151

Karsten Iwen · ‎09-17-2021

It's most likely not the username, as this is not case-sensitive in Windows. But with the default setting in your WLC, the MAC-address is also sent as a password. And the sent password from the WLC has to match the password as you entered it for the MAC-address in your AD.

Genesis Cisco · ‎09-17-2021

Hi Karsten,

But with the default setting in your WLC, the MAC-address is also sent as a password
-->I know, so when I create account, the username and password use same word.
e.g. Username:AABBCCDDEEFF, Password:AABBCCDDEEFF

Username:aabbccddeeff, Password:aabbccddeeff

Follow this rule, the account and password use lower-case letter authentication will successful, but
upper-case reject by NPS Server.

Karsten Iwen · ‎09-17-2021

If the WLC sends the password as lowercase, but the password is configured as upper-case, they will not match and the authentication fails.

Genesis Cisco · ‎09-18-2021

Hi Karsten,

If the WLC sends the password as lowercase, but the password is configured as upper-case, they will not match and the authentication fails.

-->That means controller send the password use lowercase, this is the default behavior on WLC 2504?

Thank you