08-27-2002 06:27 AM - edited 07-04-2021 11:22 PM
I'm doing some test with an Air 1200 and some 352 Pc card for one of our customers.
With ACU ver. 4.25.23, I enabled LEAP authentication using the windows user name and password.
Leap authentication is successful, while windows domain logon not.
Not to say using a "normal" NIC that logon succeed.
Sniffing the packets that come out the AP, it seems the domain logon happens... I see the requests/answers between my client and the domain controller...
However, after canceling the windows domain logon I have normal connectivity with the entire network.
Someone experienced that? Any help will be greatly appreciated.
Antonio Tassone
09-04-2002 04:41 PM
Since there has been no response to your post, it appears to be either too complex or too rare an issue for other forum members to assist you. If you don't get a suitable response to your post, you may wish to review our resources at the online Technical Assistance Center (http://www.cisco.com/tac) or speak with a TAC engineer. You can open a TAC case online at http://www.cisco.com/tac/caseopen
If anyone else in the forum has some advice, please reply to this thread.
Thank you for posting.
11-05-2002 06:33 AM
Did you find a solution for this problem? i have a similar problem, when i log in the leap box appears with a "finding domain controller" takes quite some time before the dialog disappears and the logon is successful. It seams that my computer actually finds the domain controller, i say this because i get my logon script from the domain controller. Any help here would be great.
11-05-2002 07:06 AM
Yes, I make the radius server run with a windows account that is a domain administrator too.
I found the tech note that reported this solution looking for the error experienced by the radius, something like "DLL rejected" or similar.
Hope it helps.
Bye.
11-13-2002 10:40 AM
Can you please elaborate more on what you are suggesting ?
11-15-2002 02:50 AM
Sure.
My attempts to logon in a windows domain using the same user/password for LEAP authentication and windows logon were unsuccessful (either using Win9x or Win NT/2000 on the client), indeed the login dialog box was stuck in something like "searching primary domain controller" or similar (I'm sorry but it's been some month ago).
Looking the Radius server log, I found an error like " xxxxx DLL rejected".
Searching the Cisco web site and the forums for that error, I read the advice to make the authentication services on the NT server to run with the privileges of one of the Windows Domain Administrator accounts.
Following that advice, and with some other tweaking explained in the document I read, I reached my goal.
I regret I can't be more precise.
Regards.
12-17-2002 07:52 AM
Hi
Can u advise how to run the privileges of the comain administrator
Can u share with me on the tweaking
Regards
McNAz
12-17-2002 08:48 AM
I'm not very skilled in managing windows domains... however I think here ( http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/csnt30/install/install.htm#xtocid16 ) you can find some advice on how to make a service run with a particular account.
Hope it helps.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide