Â· After fresh install, all appears to be working, usernames work without domain qualification (domain\username), can log in with all accounts
Â· After an attempt to login with a pre-existing AD username, authentication fails, correct password or not
Â· Authentication continues to fail (fail code: Internal Error), even after restarting the tacacs service, with all usernames, except for those that have been used to log into the ACS server with domain qualification!?!
Â· No amount of restarts / configuration tweaks can return to âfresh installâ operation
This definitely sounds like a bug - anytime you see "internal error" or "unknown error" in failed attempts its an un-handled error.
You'll prob need to set logging detail level to max then do so testing and then open a tac case. The csauth log (auth.log) will be key as there will be diagnostic data from the windows external authenticator dll.
Its is an appliance you'll need to run the support option to generate a package.cab to get the log - s/w you can copy right off.