Re: EAP-TLS and MS AD auth problem

philippe.denebourg · ‎09-06-2007

Hi,

I have a problem with an ACS to authenticate users with certificate on MS AD.

Working things:

PEAP authentication with the MS AD;

EAP-TLS authentication with the local DB.

Not working things:

EAP-TLS authentication with MS AD.

Because I'm able to auth users with PEAP on MS AD, I guess my config on MS AD is correct.

Because I'm able to auth users with certif in EAP-TLS, I guess my certif config is correct.

So, why it's not working with the combination EAP-TLS and MS AD.

I receive the error 'External DB Account Restriction'

Thanks for your help.

Report Inappropriate Content · ‎09-12-2007

This issue is generally seens when there are multiple domains. Try out this step. Choose Network Connections from the control panel. Right-click the local area connection.Choose Properties. Double-click the TCP/IP option. Choose Advanced at the bottom. Click on DNS at the top. Choose Append these DNS suffixes. Add the FQDN for each domain that ACS authenticates against in the field.

philippe.denebourg · ‎09-13-2007

I did this and it doesn't work beter.

Phil.

scottcraig · ‎03-09-2009

I know this thread is old but I am very curious if you found an answer to this. I am in the exact same situation and have verified and reverified everything based on every ounce of documentation I can find. This is driving me crazy so if you found a solution I would love to hear what it was.

-Scott