We have an ACS 4.2 installation and we have users configured on the user setup; they authenticate using the Windows database (AD).
We ran failure tests and simulated AD failure by disabling the firewall rule.
So the ACS server is up, AD is down. Tested user login to a switch and got the following error: External DB user invalid.
It looks like, as the ACS does not get a response from AD, it rejects the user login.
What we want it to do in the event of AD failure is to be able to log in to the switch with the username configured on the switch (as if the ACS server does not respond).
Any ideas how we achieve this?
| Date | Time | Message-Type | User-Name | Group-Name | Caller-ID | Network Access Profile Name | Authen-Failure-Code | Author-Failure-Code | Author-Data | NAS-Port | NAS-IP-Address | Filter Information | PEAP/EAP-FAST-Clear-Name | EAP Type | EAP Type Name | Reason | Access Device | Network Device Group |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 02/03/2012 | 14:09:13 | Authen failed | test.test | Network | 192.168.1.1 | (Default) | External DB user invalid or bad password | .. | .. | tty3 | 10.0.0.1 | .. | .. | .. | .. | .. | SWITCH30 | Office |