how to limit one username can be only used one time for authentication?

Unanswered Question
May 23rd, 2008

Hi All,

I'm using ACSE 4.1+4402+Windows Database, we want to limit one username/password can only be used one time for authentication in the same time. Right now, we found we can use the same username/password to login to the WLAN from different laptops at the same time. I have tried to set "max sessions per user" to be 1 in ACSE's group configurations(user will use group setting), but it didn't work, we can still use two laptops to login to the WLAN by using same username/password at the same time, and in ACSE's passed authentication log, we can see different client had used the same username to login to the WLAN.

Any ideas? Thanks!

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Scott Fella Sat, 05/24/2008 - 19:36

Try to set this in the wlc:

config netuser maxEapUserLogin 1

or

config netuser maxuserlogin 1

I know this works for local users, but might work in your case too.

bbxie Sun, 05/25/2008 - 16:43

Hi Scott,

Thanks for your advice, what version have you tested with this command? I use 4.2.112, it didn't work if I use ACSE to authenticate.

Scott Fella Sun, 05/25/2008 - 18:25

I have only tested with the 4.0 version. the only thing I can suggest is to open a TAC cas with the security AAA group. I have never tried to only allow one user, but since that is a selection in ACS, openeing a case with the wrieless TAC will only lead you back to the AAA team.

Scott Fella Sun, 05/25/2008 - 19:30

I was just reading your post again and noticed you set the max user to 1 on the group and not on the user in that group. The weird thing is that the user profile overrides the group setting. Either set it per user or verify that it is set to use group settings. That should work, if not.... I would open a TAC case.

bbxie Sun, 05/25/2008 - 20:02

I have configured the user to use group setting. However, I have also tried to set it at user level, the same result. I will open a TAC case. Thanks for your help!

Actions

This Discussion

 

 

Trending Topics - Security & Network