ACS 5.2 - LDAP - Authentication - WLC - radius

Greetings

I am setting up ACS RADIUS.

I got a local account to work, but I'm hitting a wall for LDAP.

The error specifically is: 15015 Could not find ID Store - Internal Error, contact TAC

ACS 5.2.0.26

WLC: 4404, 7.0.98.0

Client: Mac OS X 10.6

LDAP: Novell eDirectory

These are the steps I followed

ACS

Step 1

Define network resources

under NETWORK RESOURCES

created location

created device type

under NETWORK RESOURCES>NETWORK DEVICES and AAA Clients

created the WLC with the correct IP, checked the RADIUS box and entered the shared secret - this all works with a local account

Step 2

under USERS and IDENTITY STORES>EXTERNAL IDENTITY STORES>LDAP

created an LDAP Identity Store

entered all relevant info

clicked Test Bind to Server > pop-up: connection test bind succeeded

Tab DIRECTORY ORGANIZATION

filled in and clicked Test Configuration

pop-up: Number of subjects >100, Number of Groups 66

select directory groups

obtain attributes from example subject

Step 3

under POLICY ELEMENTS

created a Date and Time SESSION CONDITION > allowing all times

created an Authorization profile under subsection NETWORK ACCESS

Step 4

under ACCESS SERVICES

click on DEFAULT NETWORK ACCESS

added PEAP-GTC under allowed protocols

clicked IDENTITY and selected my LDAP Identity Store

clicked Authorization and created a rule matching the date and time condition with the authorization profile

Step 5

On the WLC

WLAN was created with WPA/WPA2

and AAA RADIUS pointing to ACS

same settings that worked with ACS local account

Step 6

enabled the client radio and joined the WLAN

Pop-up for username and password

says authenticating, but to no avail.

1 Reply

OK, all is working; consider this solved.

A restart of the ACS service magically fixed whatever was going on.

Cheers