Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Embedded NT groups won't LEAP authenticate

I have a group mapping in ACS to a Windows 2000 Active Directory Group. If I add the NT users individually to the NT group they are able to authenticate with LEAP just fine. If I add the same users to an NT group and add that NT group to the ACS mapped group it will not let the users authenticate with LEAP. Does anyone officially know if it is supported?

  • AAA Identity and NAC
3 REPLIES
Cisco Employee

Re: Embedded NT groups won't LEAP authenticate

Hi,

Authenticating LEAP to an external NT or AD domain should work fine and is supported.

BTW, can you authenticate any other devivces to the external database? What do the failed attempts log show?

Thanks,

Obaid.

Silver

Re: Embedded NT groups won't LEAP authenticate

Hi,

-Where is the ACS installed (Member Server or on the domain controller)

-Version of ACS?

-Server (NT/2K) where ACS is installed?

-Is it system local admin under which ACS services are running ? Or the domain Admin account?

Pl. use radtest/tactest to simulate authentication packets from/within the server and see if authentication succeds. This link will help you troubleshooting this issue further.

http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_tech_note09186a00800afec1.shtml

Thanks,

Mynul

Silver

Re: Embedded NT groups won't LEAP authenticate

Also, whats the main domain (is it NT or AD)? Are you authenticating against a different domain? Thanks,

Mynul

99
Views
0
Helpful
3
Replies
This widget could not be displayed.