03-18-2004 08:47 AM - edited 07-04-2021 09:27 AM
We have an active directory domain.
We have users with 350 pcmcia cards in their thinkpads connecting to 1200 APs set to allow authentication to an external DB (the AD domain).
Everything was happy until a user got married.
Her name changes.
My day is ruined.
Now, when she logs in the ACS server flags it as a failed attempt instantly. I can replicate this perfectly. It doesn't allow her to login. When she sits down at a wired machine she can login with no problems. So we know the account is good. What I can't understand is why, if we're set to pass unknown users and all authentication to the external DB (AD domain), this doesn't work? Surely the ACS server should just treat this new username as unknown and bounce it to the AD domain?
Anyone seen this before? Or perhaps more importantly anyone fixed this yet? I've posted over at CCO on the cisco site and no luck there yet. I've also googled extensively and nothing of use. Lots of info on password changes but nothing on username changes.
many thanks
J
note: edited for clarity
03-18-2004 10:07 AM
What does the error in the "Failed Attempts" log say on the ACS server?
Is there a single AD domain in your org? If there are multipel domains, could there be a user with the same username in another domain that ACS is checking first?
03-19-2004 02:10 AM
Jmatusie,
Interesting thought but there is only one user with this ID thoughout the organisation.
J
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide