Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

24408 User authentication against Active Directory failed since user has entered the wrong password

       Hi there,  I have setup ACS as TACACS server for login request for routers and switch. every time when try to access use the AD user account, it shows above errror, but the password is correct. if I use the account int the internal store there is no issue.  following is the record from ACS monitoring and report:

... ... ....

Evaluating Identity Policy
Matched rule
Selected Identity Store - AD1
Current Identity Store does not support the authentication method; Skipping it.
TACACS+ will use the password prompt from global TACACS+ configuration.
Returned TACACS+ Authentication Reply
Received TACACS+ Authentication CONTINUE Request
Using previously selected Access Service
Identity Policy was evaluated before; Identity Sequence continuing
Authenticating user against Active Directory
User authentication against Active Directory failed since user has entered the wrong password
The advanced option that is configured for a failed authentication request is used.
The 'Reject' advanced option is configured in case of a failed authentication request.
Returned TACACS+ Authentication Reply

Evaluating Identity Policy
Matched rule
Selected Identity Store - AD1
Current Identity Store does not support the authentication method; Skipping it.
TACACS+ will use the password prompt from global TACACS+ configuration.
Returned TACACS+ Authentication Reply
Received TACACS+ Authentication CONTINUE Request
Using previously selected Access Service
Identity Policy was evaluated before; Identity Sequence continuing
Authenticating user against Active Directory
User authentication against Active Directory failed since user has entered the wrong password
The advanced option that is configured for a failed authentication request is used.
The 'Reject' advanced option is configured in case of a failed authentication request.
Returned TACACS+ Authentication Reply

Evaluating Identity Policy
Matched rule
Selected Identity Store - AD1
Current Identity Store does not support the authentication method; Skipping it.
TACACS+ will use the password prompt from global TACACS+ configuration.
Returned TACACS+ Authentication Reply
Received TACACS+ Authentication CONTINUE Request
Using previously selected Access Service
Identity Policy was evaluated before; Identity Sequence continuing
Authenticating user against Active Directory
User authentication against Active Directory failed since user has entered the wrong password
The advanced option that is configured for a failed authentication request is used.
The 'Reject' advanced option is configured in case of a failed authentication request.
Returned TACACS+ Authentication Reply
... ... ...

Please let me know if you have any suggestion. thanks in advance. Roy

  • LAN Switching and Routing
1023
Views
0
Helpful
0
Replies