Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

ACS 4.2 - Username format for Wireless User authentication

Hi all,

I am using ACS 4.2 for Wireless users authentications. ACS is integrated with the Active Directory as External Database. What I can observe is, when a user attempts to login using "username", ACS dynamically maps an entry for this user, but if the same user re-attempts with "domain\username", there is another dynamic mapping against the same AD user.

Can I strip off the domain name from the username automatically if the user inputs this, or is there any other way to control this as I want a single mapping for each AD user either he/she logs in using "domain\username" format or "username" format.

I have read about Domain name stripping on LDAP configuration and Domain Qualified names things, but how to apply these in this situation? Or is there any other way?

Looking forward for valuable response.

Regards, Sohail

4 REPLIES
Silver

ACS 4.2 - Username format for Wireless User authentication

Hi Sohail,

  You can go to ACS 4.2> Network Configuration> Proxy Distribution Table> Edit> Domain Stripping.

Regards

Minakshi (Do rate the helpful posts)

New Member

ACS 4.2 - Username format for Wireless User authentication

Thank you Minakshi for quick response. Will this strip off the domain name if enter? I hope you got my point that I want to have only one user mapping against each AD user, who attempts to log in using either domain name or without domain name.

Regards, Sohail

Silver

ACS 4.2 - Username format for Wireless User authentication

Yes, Sohail. It will certainly remove the domain name.

Regards

Minakshi (Do rate the helpful posts)

New Member

ACS 4.2 - Username format for Wireless User authentication

Hi Minakshi,

In addition to the stripping the domain name, is there any way that I can restrict the user to put the domain name with username like "domain\username"? Can I create any NAP or NAR in which I can check if the user is sending the username in "domain\username" format and rest can be denied?

Regards, Sohail

214
Views
0
Helpful
4
Replies
CreatePlease to create content