Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1314
Views
0
Helpful
1
Replies

ACS 3.2 and win2000 authent

a.diot
Level 1
Level 1

‎11-14-2003 06:39 AM - edited ‎03-10-2019 07:34 AM

hi all,

I've read that ACS 3.2 doesn't support the upn format of a user (user@domain), it only support qualified format (domain\user).

win 98, xp... are ok with domain\user but win 2000

send user@domain.

how authent win 2000 clients in several different domain with ACS and external database?

in a wireless environment will the pb be the same or the 802.1X client (supplicant) solve it sending domain\usr?

Thanks ,regards

Labels:
0 Helpful
1 Reply 1

aschiebe
Level 1
Level 1

‎11-14-2003 11:53 AM

Hi

The User Principal Name (UPN) format isn't supported (except for EAP-TLS , within the certificate).

However, if you read the previous statement in

http://www.cisco.com/en/US/products/sw/secursw/ps5338/products_user_guide_chapter09186a0080193aba.html#222679

you can see that WinNT,Win2K and WinXP Dial Up Networking clients provide the domain name in a specific domain field and not necessary in the UPN format.

In Wireless Environments it depends on the authentication method :

EAP-TLS is covered for UPN format support.

LEAP (Cisco ACU) also asks for the domain in a seperate field

PEAP (either MS Client or Cisco client) also ask for the domain in a seperate field.

Hope this helps,

Ami

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents