cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
5304
Views
5
Helpful
9
Replies

Domain name in PEAP login

jong_r0602
Level 1
Level 1

Hi Guys,

How do i get rid of the domain name on my WLAN beause it creating another username in my ACS like this:

I already have a "jong" username and its authenticated via windows AD. But the problem is when in trying to login on my PC using WLC, another login is automatically created on my ACS. domain name/username.

Please help me how to solve this problem.

Thanks,

Jong

art.com/jong

1 Accepted Solution

Accepted Solutions

Our ACS server does the same thing

It is possible for the same user to have lots of different accounts dynamically mapped into the acs

for example a user might have

user

foo\user

user@foo.com

all map to the same AD account, it all depends on how the user types their credentials.

I have yet to find a solution to this

It is important too when you delete the mapped accounts on the ACS, you delete all the possible Domain/User combinations

I usually will do a search in the ACS for

*user*

This will return all the accounts for that user. Then I can delete all of them, change the users group and have them re-map

It has come in handy for me, I will log in with

username - which gets mapped to a group...

Then log in with DOMAIN\username - which gets mapped to the same group

Then I can manually move the DOMAIN\username account to whatever group I want

Now I essentially have 2 separate logins, both in different groups - This lets me test my NAR and my Downloadable ACLs without impacting my original username account

So it has its pluses and minuses - No good solution though

View solution in original post

9 Replies 9

jeromehenry_2
Level 3
Level 3

This looks more like a client configuration issue than a controller configuration problem... which client are you using? Which authentication mechanism?

Hi Jerome,

Im using Windows XP. Im using ACS 3.3 and Microsoft Active Directory for my authentication.

Thanks for your time,

Jong

Uncheck the machine authentication on the client side and see if that goes away.

-Scott
*** Please rate helpful posts ***

Hi,

The same thing is happening, another user was created automatically( with and without domain name)in ACS. What i want is to have only 1 username. Is there something that i need to configure on my ACS?

Jong,

On acs--->external user database---->windows--->configure---> bring your domain under domain list.

Regards,

~Jg

I think it normal bacause i tried to login on my router like this

domain/jong and jong

and both are working but the ACS created a new login with domain name in prefix.

Our ACS server does the same thing

It is possible for the same user to have lots of different accounts dynamically mapped into the acs

for example a user might have

user

foo\user

user@foo.com

all map to the same AD account, it all depends on how the user types their credentials.

I have yet to find a solution to this

It is important too when you delete the mapped accounts on the ACS, you delete all the possible Domain/User combinations

I usually will do a search in the ACS for

*user*

This will return all the accounts for that user. Then I can delete all of them, change the users group and have them re-map

It has come in handy for me, I will log in with

username - which gets mapped to a group...

Then log in with DOMAIN\username - which gets mapped to the same group

Then I can manually move the DOMAIN\username account to whatever group I want

Now I essentially have 2 separate logins, both in different groups - This lets me test my NAR and my Downloadable ACLs without impacting my original username account

So it has its pluses and minuses - No good solution though

Yes, im doing the same thing.

Thanks alot guys. hope we could find a perfect solution for this. If someone knows it already, please post it here.

Regards,

Jong

Sorry for the very late response guys.

I learned a lot from your responses.

Thanks,

Jong

Review Cisco Networking for a $25 gift card