Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
483
Views
0
Helpful
2
Replies

login failures

followurself
Level 1
Level 1

‎02-19-2007 05:22 AM - edited ‎03-10-2019 02:59 PM

we have acs 3.2 and is used to authneticate windows AD users. Its authenticating fine. recently we created a new group called rdp in windows. there are few users in that group. we need them to use vpn and authneticate against AD the same way , the other users getting authenticated.but we see error on ACS windows logon type not granted. not sure wht it is. user has allow access in dial-in, the windows remote agent have permissions on RDP group to look into the accounts under the group. but it just doesnt work. wht cd be the problem

Labels:
0 Helpful
2 Replies 2

amrkrish
Level 1
Level 1

‎02-19-2007 06:18 AM

Can you tell us what is the exact failure message you are getting in ACS ?

May be this link can help you.

http://www.cisco.com/en/US/products/sw/secursw/ps5338/products_user_guide_chapter09186a0080204ce9.html

0 Helpful

followurself
Level 1
Level 1
In response to amrkrish

‎02-19-2007 06:25 AM

Hi,

The below message is wht i see on ACS under failed attempts

Windows logon type not granted

we have 2 groups called adsl and rdp respectively. all adsl group users are getting authenticated by acs but only when users in rdp try they fail with above error. i have mapped the groups accordingly on acs, windows remote agent have read permission in AD on rdp and adsl group. also tried removing the user from rdp group to adsl and it works but only when in rdp it doesnt. i dnt understand why. our server team who manges AD say they have done thier bit but i dnt see anything i can do on ACS

0 Helpful
Customers Also Viewed These Support Documents