Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

Message on ACS server

Hi,

I am getting this message on our ACS server:

" Radius extension DLL rejected user"

Does anyone know what this message means? It seems that it is not documented.

Regards,

Tom

  • AAA Identity and NAC
2 REPLIES
Cisco Employee

Re: Message on ACS server

The error you are experiencing is a fairly broad one and could mean that you have an incorrect

username/pwd, or a mismatch with the communication between the ACS server and the windows domain if,

you are using External User Databases. Could you please confirm whether or not you are using a back

end to an external user database, in particular, a Windows domain? One thing that I have found

quite common in this circumstance is that the external user database is configured to check for

"Grant Dial-in Permission for user". If the user does not have this set (regardless of the fact

that this is not a dialin session), it will fail the authentication request.

By the way, what version of ACS is this?

Thanks,

yatin

Silver

Re: Message on ACS server

Tom,

Please give us more info like:

-Version of ACS

-External database type ?

Also, need to see the auth.log file from your ACS Server. Please, go to your failed attempt file, get the username that failed and then search thru the auth.log file and paste the failed portion of the log. Should be able to provide you the direction.

Thanks,

Mynul

137
Views
0
Helpful
2
Replies
This widget could not be displayed.