'Could not find user' with EAP-TLS in ACS

Hi all,

we are running ACS 4.2(1) Build 15 on a Win2003 member server and use the ACS for EAP-TLS with certificates (Microsoft-PKI) for WLAN authentication (WLC 4402, 6.0 and 4.2). We are using both machine and user authentication.

Sometimes machine authentications fail with the following message in AUTH.log:

AUTH 11/01/2010 09:11:28 E 1395 1904 0x31cb External DB [NTAuthenDLL.dll]: Could not find user host/<xxxxxxxx>.com (0x5012)

But some minutes/hours later the same machine can authenticate successfully. Other machines never have this problem, and there are no problems at all with user authentications.

Does anyone have an idea where I can proceed with troubleshooting? I haven't found any related messages in server event logs. Are there any other logs where I can find reasons for these problems that are occurring only sometimes?

Thanks

Kai

1 REPLY

Re: 'Could not find user' with EAP-TLS in ACS

AUTH.log and RDS.log are the two log files you need to look into on the ACS side. Make sure the log level is set to "Full".

You might need to check the log on AD side to see why it could not find this host.

Comparing the logs between the working and non-working cases might be helpful.
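
As an added example (not part of the reply above, and not Cisco tooling), the following script pulls the "Could not find user" failures out of AUTH.log text and groups them per machine account, giving the time windows to look up in the AD-side logs. It assumes every failure line has the layout of the one line quoted in the question; the sample lines and host names are constructed.

```python
import re
from collections import defaultdict

# Layout taken from the single AUTH.log line quoted in the question; the three
# fields after the severity letter are treated as opaque tokens (assumption).
LINE_RE = re.compile(
    r"^AUTH (?P<date>\d{2}/\d{2}/\d{4}) (?P<time>\d{2}:\d{2}:\d{2}) "
    r"(?P<sev>[A-Z]) \S+ \S+ \S+ External DB \[NTAuthenDLL\.dll\]: "
    r"Could not find user (?P<user>\S+) \((?P<code>0x[0-9a-fA-F]+)\)\s*$"
)

# Constructed sample lines; host names are placeholders, not from the thread.
SAMPLE = """\
AUTH 11/01/2010 09:11:28 E 1395 1904 0x31cb External DB [NTAuthenDLL.dll]: Could not find user host/pc-a.example.com (0x5012)
AUTH 11/01/2010 09:11:59 E 1395 1904 0x31cc External DB [NTAuthenDLL.dll]: Could not find user host/pc-a.example.com (0x5012)
AUTH 11/01/2010 09:12:03 E 1395 1904 0x31cd (constructed line that must not match)
AUTH 11/01/2010 14:40:10 E 1395 2010 0x3301 External DB [NTAuthenDLL.dll]: Could not find user host/pc-b.example.com (0x5012)
"""


def failures_by_host(text):
    """Return {user: [(date, time, code), ...]} for 'Could not find user' lines."""
    hits = defaultdict(list)
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            hits[m["user"]].append((m["date"], m["time"], m["code"]))
    return dict(hits)


def summarize(hits):
    """Per account: failure count plus first and last timestamp, in file order."""
    return {
        user: {
            "count": len(events),
            "first": " ".join(events[0][:2]),
            "last": " ".join(events[-1][:2]),
        }
        for user, events in hits.items()
    }


if __name__ == "__main__":
    # Dates are kept as strings because the log's day/month order is not stated.
    for user, info in summarize(failures_by_host(SAMPLE)).items():
        print(f"{user}: {info['count']} failure(s), {info['first']} .. {info['last']}")
```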
