Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ACS 4.0 New Administrative users can't log in.

We just migrated from 3.3 something to 4.0 a few weeks ago. On the old system, we had two administrative users: administrator (with full rights) and hd (with rights only to see logged in users and failed attempts). After the conversion, and moving to a new server, all of which worked flawlessly, the administrator user works fine. However, the hd user gets a "login failed" every time someone tries to log in, even with a good password. (I've reset the password to easy things, removed the password, etc.)

Also, if I edit the hd user, and click on "Grant All" for access, hd can log in. I've tried going through the items a few at a time to see if there is one that can be turned on and allow it to work, but haven't found one, and it's extremely time-consuming to go through attributes one at a time, log out, and log back in to troubleshoot. This happens with a brand new administrator as well - if it hasn't got full rights, it can't og in.

The administration audit log is not very helpful, only listing:

05/24/2006 10:36:26 -SECURITY- 192.168.11.95 Administrator 'hd' login failed.

This worked fine before the upgrade, allowing the help desk members to check which employees were in, on which machines (VPN or dial), and why they were failing if they were.

Is this a bug?

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: ACS 4.0 New Administrative users can't log in.

Hi Rich,

I tried this in the lab and it works fine (access to only failed attempts and logged in users) with ACS 4.0. I am not sure if this is specific to an upgrade.

BTW, have you tried to delete the admin "hd" and add another admin using a different username with only rights to failed and logged in users ?

How about adding an admin without any priviliges ? Can he sucessfully log in ?

Obaid.

1 REPLY
Cisco Employee

Re: ACS 4.0 New Administrative users can't log in.

Hi Rich,

I tried this in the lab and it works fine (access to only failed attempts and logged in users) with ACS 4.0. I am not sure if this is specific to an upgrade.

BTW, have you tried to delete the admin "hd" and add another admin using a different username with only rights to failed and logged in users ?

How about adding an admin without any priviliges ? Can he sucessfully log in ?

Obaid.

193
Views
0
Helpful
1
Replies