08-11-2009 01:46 AM - edited 03-10-2019 04:38 PM
We are trying to authenticate against a AD group, instead of authenticating with AD it gives the following message and places the users in the default group, any ideas ?
RDS 08/10/2009 23:54:03 P 0786 3192 0x0 Found local user MSNET\ibis5471
RDS 08/10/2009 23:54:03 E 5800 3192 0x0 Failed to get group info about user:MSNET\ibis5471 - CSAuth client has passed userID with invalid id info
08-17-2009 04:26 PM
It is a known issue that ACS does look ups based on the outer id instead of the inner id when the outer identity is a username. For whatever reason, when the outer identity is anonymous, ACS correctly does its lookups based on the inner identity.
It is entirely possible this is why fast-reconnect also fails. I saw the following entries in the RDS.log that correspond to the reported fast-reconnect error in the Failed Attempts log.
08-19-2009 08:09 AM
It is normal ACS behavior for AD users to show up in the local users database once they have authenticated. This is a caching feature that is enabled by default(and can be disabled).
Are users being allowed access, but these messages are showing up in the logs?
08-20-2009 10:33 PM
I disabled the whole setup to Windows AD,
so the authentication should fail, still the authentication for the devices are valid, they are in the default group (0).
The default group (0) is off limits for everybody, but still these users enter via this group, how is this possible ?
08-21-2009 01:28 AM
You can create a mapping and map default group with no access group.
08-21-2009 01:42 AM
I already did that, it still enters the default group (0),could it be a problem with my link to AD ?
08-21-2009 05:37 AM
Does that user belongs to multiple group in AD?
08-25-2009 11:15 PM
Yes, it belongs to multiple groups in AD, but for the moment the whole AD setup is offline, but still users enter via the group 0.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide