EAP-TLS and MS AD auth problem

Unanswered Question
Sep 6th, 2007

I have a problem with an ACS to authenticate users with certificate on MS AD.

Working things:

PEAP authentication with the MS AD;

EAP-TLS authentication with the local DB.

Not working things:

EAP-TLS authentication with MS AD.

Because I'm able to auth users with PEAP on MS AD, I guess my config on MS AD is correct.

Because I'm able to auth users with certif in EAP-TLS, I guess my certif config is correct.

So why is it not working with the combination of EAP-TLS and MS AD?

I receive the error 'External DB Account Restriction'

Thanks for your help.

Anonymous (not verified) Wed, 09/12/2007 - 13:22

This issue is generally seen when there are multiple domains. Try out this step. Choose Network Connections from the control panel. Right-click the local area connection. Choose Properties. Double-click the TCP/IP option. Choose Advanced at the bottom. Click on DNS at the top. Choose Append these DNS suffixes. Add the FQDN for each domain that ACS authenticates against in the field.

scottcraig Mon, 03/09/2009 - 13:30

I know this thread is old but I am very curious if you found an answer to this. I am in the exact same situation and have verified and reverified everything based on every ounce of documentation I can find. This is driving me crazy so if you found a solution I would love to hear what it was.


