Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ACS V3.0 and UPN logon name

We have ACS V3.0 on Win2000 Server(AD) & WinXP client. The client is configured for LEAP + 'Use windows user name and password' setting .

-> When using the pre-Win2000 usernames authentications is OK . ex.: username :hpgedadm

-> When using the UPN (user principle name) logon names the authentication fails .

ex.: username : dirk.geenen.admin@interbrew.net

On the ACS server the Authentication-failure code: Radius extension DLL rejected user

On the Windows 2000 AD no corresponding authentic failure is seen in the event logging .So apparently the ACS radius server has a problem with UPN's. Is there a setting or is this not supported on V3.0 or..?

Thanks,

Luc.

1 REPLY
Cisco Employee

Re: ACS V3.0 and UPN logon name

Cisco Secure ACS does not support the user@domain (UPN) format of qualified usernames when

authenticating users with Windows user databases of any type, including local and domain SAM

databases and Active Directory databases.

http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/acs31/acsuser/d.htm#71627

R/Yusuf

122
Views
0
Helpful
1
Replies