Lobby Admin account in WLC

Unanswered Question
Jul 14th, 2009
User Badges:

I'm trying to create a lobby admin account on my WLC, easy enough I go to Management>Local Management Users> Create the user and assign him as a Lobby Admin. However, when I attempt to login as that lobby admin I am never allowed in, it just wont let me login as that user. If I look at the WLC logs it reads: Jul 14 16:10:29.282 ews_auth.c:1968 EMWEB-1-LOGIN_FAILED: Login failed. User:nicolasmin. Service-Type is not present or it doesn't allow READ/WRITE permission..

Does anyone know what that means and how I could fix it?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Scott Fella Tue, 07/14/2009 - 19:19
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

Do you have radius configured and is management checked. Seems like it is hitting a radius server.

rochoa8aeg Wed, 07/15/2009 - 18:01
User Badges:

Yes I have radius configured but it is only authenticating wireless clients. I have a number of Lobby Admins created and all can log in to the same controller without issue it just doesnt seem to like this name, even if I create a test account it works.

mat.edwards Wed, 07/15/2009 - 04:15
User Badges:

When you created the account did you select 'User Access Mode' as Lobby Admin? Even if you didn't should still log you in just worth checking.


Try to create a different account and test that.


What version of code are you running?

rochoa8aeg Wed, 07/15/2009 - 18:04
User Badges:

I'm running code 4.2.130, and I have a handful of other Lobby Admin accounts created who can log on with no issue.

Yes when I created the account I did select the option in the drop-down box which elects the user as a Lobby Admin.

jicr Thu, 07/16/2009 - 21:14
User Badges:

Do u have a TACACS server configured and TACACS is the primary database for management authentication????


Then make the priority as local then TACACS. It should work

ja raju Mon, 02/28/2011 - 23:50
User Badges:

Hi guys,


I'm having a similar issue. I created a lobby admin account but i'm not able to login using that account.


Error message:

*emWeb: Mar 01 14:56:33.179: %EMWEB-1-LOGIN_FAILED: ews_auth.c:2104 Login failed for the user:lobby. Service-Type is not present or it doesn't allow READ/WRITE permission..



My settings for SECURITY > Priority Order > Management User is RADIUS on top and LOCAL at the bottom. Would switching LOCAL to the top resolve the issue?

Scott Fella Tue, 03/01/2011 - 04:27
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

If your authenticating using a local account created on the WLC, then local should be priority or on the top of the list. Is you are using radius for local management, then you would need to keep radius on the top of the list and create another policy in radius for lobby admin. Lobby admin uses a different service type than management users.


Sent from Cisco Technical Support iPhone App

Actions

This Discussion

 

 

Trending Topics - Security & Network