02-14-2006 05:56 AM - edited 07-04-2021 11:38 AM
Hi,
We set up our wireless network using 1200 Series AP, ACS 3.3 and WLSE 2.11 and I thought everything was working fine.
However, I just found out y'day that some new users couldnot get connected and digging further, I realised that all users need to be a member of 'Dial-In users' in Active Directory in order to access corporate network through wireless.
Why does this happen?.. is there a work around for this problem?.
Any replys/ suggestions most welcome.
Thanks in advance
Gibs
02-14-2006 07:36 AM
Hello Gibs,
It's an option in the ACS server. You can disable it by going in
External User Database --> Database Configuration --> Windows Database --> click "Configure"
There, uncheck "Dialin Permission"
This should do the trick
Hope that helped
PLS rate all posts
Antoine
02-14-2006 07:45 AM
Hi Antoine,
Thanks for your reply. If I uncheck dial in permission, will it affect any other services, like VPN authentication or Telent authentication to router?. We use this ACS for VPN authentication for employees with VPN Access and Telnet authentication for Network Admins.
Thanks,
Gibs
02-15-2006 06:15 AM
Gibs,
I have a similar situation. Our radius points to windows 2000 domain controllers which have microsoft's IAS service installed. I more or less inherited this setup, and who ever installed it only has one policy within IAS which says "allow access if dial-in permission is enabled".
I have been thinking about trying to make some new policies since there are many parameters available such as checking the calling nas station IP. Do you know if the IAS service is installed on your domain or domains ? If you do have IAS, you can look at the help facility within IAS and it explains the logic of how policies are applied. I have not tried this yet, but it looks as if the policies are flexible enough.
R Duke
02-17-2006 01:06 PM
I believe our setup is to add user to the dial-in group everytime someone is given remote access / VPN previledges.
So I fear by taking the check box, I might open remote access to the whole company
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide