Using AnyConnect NAM for wireless and AD password changes

Answered Question
Aug 15th, 2012

Hi,

I am having a problem with AD password changes and wireless profiles in AnyConnect. Once a user changes their password from their PC and then tries to connect to our WPA2 802.1x wireless it fails to authenticate and I cannot find a way to update the password that works. So we currently delete the wireless profile and create a new one. Is there a way that NAM could pull user/password from login or any other fix. We are also using ACS 4.1. AnyConnect version 3 to 3.0.5080.

Thanks!                 

I have this problem too.
0 votes
Correct Answer by Tarik Admani about 1 year 8 months ago

In your anyconnect profile did you set the "use single sign on credentials"? Also did you try the repair option to see if it works after that (I am not suggesting a solution but for troubleshooting). Does logging on and off the machine help resolve the issue? Does this happen on all workstations?

http://www.cisco.com/en/US/docs/security/vpn_client/anyconnect/anyconnect30/administration/guide/ac04namconfig.html#wp1166170

Even though this is for user authentication this bug seems like a candidate:

http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCtx03814&from=summary

Thanks,

Tarik Admani
*Please rate helpful posts*

  • 1
  • 2
  • 3
  • 4
  • 5
Average Rating: 4.5 (4 ratings)
Correct Answer
Tarik Admani Wed, 08/15/2012 - 09:52

In your anyconnect profile did you set the "use single sign on credentials"? Also did you try the repair option to see if it works after that (I am not suggesting a solution but for troubleshooting). Does logging on and off the machine help resolve the issue? Does this happen on all workstations?

http://www.cisco.com/en/US/docs/security/vpn_client/anyconnect/anyconnect30/administration/guide/ac04namconfig.html#wp1166170

Even though this is for user authentication this bug seems like a candidate:

http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCtx03814&from=summary

Thanks,

Tarik Admani
*Please rate helpful posts*

Amjad Abdullah Wed, 08/15/2012 - 11:05

Tarik: useful as usual.

I used anyconnect only once to connect wireless. I remember that i could not change anything after creating the profile. I had to delete the profile and create a new one if I want to do any change. That's why i did not like it and left it since then.

Sent from Cisco Technical Support iPad App

Tarik Admani Wed, 08/15/2012 - 11:07

Amjad,

I have ran into the same issues as you had, when you change the profile you have to pick the configuration.xml file and then once the changes are complete you have to repair the anyconnect so the services restart. If you still had issues after that then I can understand your frustrations.

Tarik Admani
*Please rate helpful posts*

cweatherford@sc... Wed, 08/15/2012 - 11:28

I hadn't seen the new version release. I will test that. Yes, it was anyone using AnyConnect but I was wrong on the versions. One version of AnyConnect stopped login scripts so we upgraded to the next version (up to 3.0.5xx) and then we ran into the password issue.

Amjad, We have had issues with AnyConnect but i still love it. Turning off the wireless when connected to the LAN is one of my favorite features. However, a few months ago all users who were not using AnyConnect suddenly could not connect to our wireless. I never did figure that one out....

Thanks to both of you!

Chad

Actions

Login or Register to take actions

This Discussion

Posted August 15, 2012 at 7:28 AM
Stats:
Replies:4 Avg. Rating:4.5
Views:480 Votes:0
Shares:0

Related Content

Discussions Leaderboard