Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Changed my AD password now cant get into enable !!!

Hi

Changed my AD password and now i cannot get into the enable side of the cisco switches on our network (we have no routers).

Looking on the logs for the ACS v4.2 I can see the following -

On TACACS+ Accounting you can see the connections which have worked - it the initial tty connections -

When i look in the failed attempts i see the following -

Auth failed -  External  DB user invalid or bad password  or on another occasion internal error

or EAP-TLS or PEAP authentication failed due to unknown CAcertificate during SSL handshake.

Anyone seen this before ?

Steve

1 REPLY

Changed my AD password now cant get into enable !!!

Steve,

Just out of curiosity can you verify your user account in ACS and make sure that the enable password is set to use external database?

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2/user/guide/UsrMgt.html#wp273989

Thanks,

Tarik Admani

Tarik Admani *Please rate helpful posts*
318
Views
0
Helpful
1
Replies
CreatePlease login to create content