ACS v3.3 and CS user unknown

boc.sichuan · ‎02-28-2006

Hi,

Got a server running ACS v3.3 talking to a SecurID ACE server. When I set a user up to use SecurID, ACS always reports "CS user unknown" - when the user is plainly in the database. If I change user back to use Internal auth - it works a treat.

If tried using the "Unknown user policy" to force all requests to SecurID - this works OK -

cisco v2.3 seems to work fine - is there a bug with v3.3 ?

ACS version 3.3(1)

RSA ACE client 5.0

darpotter · ‎02-28-2006

Hi

Was this by chance an ACS that was upgraded from a previous working version? Just a hunch.

This is a scenario I've not come across before. Try deleting and re-adding the user. Also try deleting and re-entering the RSA authenticator config. Sounds like one or the other has been damaged.

ACS does an internal search for the user first before anything else. To get unknown user suggests the user lookup is failing.

That a weird one!

Darran

boc.sichuan · ‎02-28-2006

thank you ,but i uninstall acs and reinstall 3.3 ,then i create new user ,reconfig external user database ,this problem is still exist ,anybody can help me ?

darpotter · ‎03-01-2006

Try settings logs to max, run the test again and post the csauth "auth.log" (part of).

Has to be something messing up the username.