Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ACS 3.2 and win2000 authent

hi all,

I've read that ACS 3.2 doesn't support the upn format of a user (user@domain), it only support qualified format (domain\user).

win 98, xp... are ok with domain\user but win 2000

send user@domain.

how authent win 2000 clients in several different domain with ACS and external database?

in a wireless environment will the pb be the same or the 802.1X client (supplicant) solve it sending domain\usr?

Thanks ,regards

1 REPLY
New Member

Re: ACS 3.2 and win2000 authent

Hi

The User Principal Name (UPN) format isn't supported (except for EAP-TLS , within the certificate).

However, if you read the previous statement in

http://www.cisco.com/en/US/products/sw/secursw/ps5338/products_user_guide_chapter09186a0080193aba.html#222679

you can see that WinNT,Win2K and WinXP Dial Up Networking clients provide the domain name in a specific domain field and not necessary in the UPN format.

In Wireless Environments it depends on the authentication method :

EAP-TLS is covered for UPN format support.

LEAP (Cisco ACU) also asks for the domain in a seperate field

PEAP (either MS Client or Cisco client) also ask for the domain in a seperate field.

Hope this helps,

Ami

114
Views
0
Helpful
1
Replies
CreatePlease login to create content