Remote Agent Authentication with AD

Unanswered Question
Jan 5th, 2009


1. I'm deploying 802.1x on Wired environment and we are using ACS 4.2 with remote agent.

2. For redundancy purpose, i install 2 ACS SE and 2 Remote Agent.

3. The 1st Agent works perfectly with the AD. It can translate both machine and user authentication request.

4. The 2nd Remote agent can only with user authentication request. For machine authentication, it will try to pass the long "host/B4XRQ1S.XXX.COM" to the AD.

5. This is what the 2nd RA pass to the AD:-

Could not find machine host/B4XRQ1S.XXX.COM [2413,-2147016672]

host/B4XRQ1S.XXX.COM is not a valid machine name

6. With the 1st Remote Agent, it work perfectly. It will only pass the machine name :-

Attempting Windows authentication for user B4XRQ1S$

Windows authentication SUCCESSFUL (by XXXDC04)

Anyone has any idea what is happening. I checked and found both server has same configuration

When 1 point the ACS SE to the 1st RA, it works perfectly. But when i point to the 2nd RA, it cannot authenticate the machine.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
jhillend Mon, 01/05/2009 - 12:16

There can be a number of things causing this, but most probably some issue with the second RA and the DC it's installed on.

I advise you to open a TAC case on this issue.


This Discussion