Domain name in PEAP login

Answered Question
Jun 10th, 2008

Hi Guys,

How do i get rid of the domain name on my WLAN beause it creating another username in my ACS like this:

I already have a "jong" username and its authenticated via windows AD. But the problem is when in trying to login on my PC using WLC, another login is automatically created on my ACS. domain name/username.

Please help me how to solve this problem.

Thanks,

Jong

art.com/jong

I have this problem too.
0 votes
Correct Answer by dewmancco about 8 years 6 months ago

Our ACS server does the same thing

It is possible for the same user to have lots of different accounts dynamically mapped into the acs

for example a user might have

user

foo\user

[email protected]

all map to the same AD account, it all depends on how the user types their credentials.

I have yet to find a solution to this

It is important too when you delete the mapped accounts on the ACS, you delete all the possible Domain/User combinations

I usually will do a search in the ACS for

*user*

This will return all the accounts for that user. Then I can delete all of them, change the users group and have them re-map

It has come in handy for me, I will log in with

username - which gets mapped to a group...

Then log in with DOMAIN\username - which gets mapped to the same group

Then I can manually move the DOMAIN\username account to whatever group I want

Now I essentially have 2 separate logins, both in different groups - This lets me test my NAR and my Downloadable ACLs without impacting my original username account

So it has its pluses and minuses - No good solution though

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
jeromehenry_2 Wed, 06/11/2008 - 05:33

This looks more like a client configuration issue than a controller configuration problem... which client are you using? Which authentication mechanism?

jong_r0602 Wed, 06/11/2008 - 15:51

Hi Jerome,

Im using Windows XP. Im using ACS 3.3 and Microsoft Active Directory for my authentication.

Thanks for your time,

Jong

Scott Fella Wed, 06/11/2008 - 18:56

Uncheck the machine authentication on the client side and see if that goes away.

jong_r0602 Wed, 06/18/2008 - 06:18

Hi,

The same thing is happening, another user was created automatically( with and without domain name)in ACS. What i want is to have only 1 username. Is there something that i need to configure on my ACS?

Jagdeep Gambhir Thu, 06/19/2008 - 11:42

Jong,

On acs--->external user database---->windows--->configure---> bring your domain under domain list.

Regards,

~Jg

jong_r0602 Sun, 06/29/2008 - 18:29

I think it normal bacause i tried to login on my router like this

domain/jong and jong

and both are working but the ACS created a new login with domain name in prefix.

Correct Answer
dewmancco Thu, 07/03/2008 - 12:01

Our ACS server does the same thing

It is possible for the same user to have lots of different accounts dynamically mapped into the acs

for example a user might have

user

foo\user

[email protected]

all map to the same AD account, it all depends on how the user types their credentials.

I have yet to find a solution to this

It is important too when you delete the mapped accounts on the ACS, you delete all the possible Domain/User combinations

I usually will do a search in the ACS for

*user*

This will return all the accounts for that user. Then I can delete all of them, change the users group and have them re-map

It has come in handy for me, I will log in with

username - which gets mapped to a group...

Then log in with DOMAIN\username - which gets mapped to the same group

Then I can manually move the DOMAIN\username account to whatever group I want

Now I essentially have 2 separate logins, both in different groups - This lets me test my NAR and my Downloadable ACLs without impacting my original username account

So it has its pluses and minuses - No good solution though

jong_r0602 Mon, 07/07/2008 - 05:01

Yes, im doing the same thing.

Thanks alot guys. hope we could find a perfect solution for this. If someone knows it already, please post it here.

Regards,

Jong

jong_r0602 Sat, 07/26/2008 - 07:47

Sorry for the very late response guys.

I learned a lot from your responses.

Thanks,

Jong

Actions

This Discussion

 

 

Trending Topics - Security & Network