Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

CiscoACS 3.2 with Active directory on EAP MD5 for 802.1x

dear all

i have simple query . can i username and password from active directory in case of 802.1x aut with EAP MD5 protocol if intergated cisco ACS 3.2 and win2K Active directory , if yes can some forward me any link for same

New Member

Re: CiscoACS 3.2 with Active directory on EAP MD5 for 802.1x

I really don't think you want to use MD5 with 802.1X authentication - keep in mind that the 802.1X authentication phase takes place in clear-text, and MD5 is fairly trivial to break with little effort. I'm not familiar with ACS, but one gotcha that you'll have to configure on the w2k AD side is to set an Account policy for your the users you wish to MD5-authenticate to use reversible encryption. To do this set a group policy on your users organizational unit, setting reversible encryption is under Windows Settings -> Computer Configuration -> Security Settings -> Account Policy -> Password Policy, and enable "Store password using reversible encryption." Good luck, mike.

CreatePlease to create content