Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

Authentication failure with ACS and External User Database

I'm using ACS 3.2 and I configured ACS with a Windows Database as External User Database for users to authenticate.

I selected the domain in W2K AD and the users groups

to map them with the Cisco Secure Groups.

In the Default group, I put <no Access> for All other combinations.

When, we try to connect on an equipment by telnet using the username/passwd of a user in these groups, we have an authentication failure with this message:

'External DB account restriction'.

The user doesn't appear in the users list and there is no mapping between NT Groups and CiscoSecure groups.

Help would be appreciated.

Patrice

4 REPLIES
Silver

Re: Authentication failure with ACS and External User Database

Are you getting this error after an upgrade?? It could happen that the external database settings don't replicate. You may have to reorder the LDAP instances in the registry to match what is on the original server.

Hope this helps.

New Member

Re: Authentication failure with ACS and External User Database

In fact, I would like to implement this kind of configuration because LMS and ITM CiscoWorks stations do not manage password aging. So I must find a workaround and it's the reason why I tried to implement an external windows database with Active Directory in the ACS box.

Anonymous
N/A

Re: Authentication failure with ACS and External User Database

New Member

Re: Authentication failure with ACS and External User Database

Thanks.

I saw this bulletin. The only thing different is the domain administrator account which doesn't act as part of the operating system.

132
Views
0
Helpful
4
Replies
CreatePlease to create content