Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
633
Views
0
Helpful
7
Replies

Cisco ACS check for AD

m.bilal.iqbal
Level 1
Level 1

‎01-16-2012 10:45 PM - edited ‎07-03-2021 09:23 PM

Hi,

     Is there any way to check that the Users were authenticated by AD through cisco ACS 4.2, I have deploy the Cisco ACS 4.2 with WLC 5500, now i have to check whether the user are authenticated by ACS or AD kindly guide me how i check it.

all users were connected and authenticated having domain user.

i am confuse whether ACS authenticate users from internal database or from AD.

Kindly help me..... ill b very thankful to you.....

M.Bilal Iqbal

Labels:
0 Helpful
7 Replies 7

George Stefanick
VIP Alumni
VIP Alumni

‎01-16-2012 10:54 PM

Hello, yes i believe if you check the pass logs in ACS it should tell you what data base the user was auth against. Internal or your domain.

Have you checked your PASS logs?

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________
0 Helpful

m.bilal.iqbal
Level 1
Level 1
In response to George Stefanick

‎01-16-2012 11:12 PM

Hi,

Thanks for your reply, are you talking about Passed Authentications log, if not can you guide me from where i get this log.

M.Bilal

0 Helpful

George Stefanick
VIP Alumni
VIP Alumni
In response to m.bilal.iqbal

‎01-16-2012 11:16 PM

Yes exactly. I dont have my 4.2 in front of me but there is a column that should state where the user was auth from. Also, you can check if your WLC is to check local first or AD.

You have identical user name and passords local to the ACS and also in AD, really?

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________
0 Helpful

m.bilal.iqbal
Level 1
Level 1
In response to George Stefanick

‎01-16-2012 11:22 PM

no i have different users for internal and for AD, as you know that we have to make a group and add users in it and map the ACS group against the AD group. so it confuse me if we enter the users in that ACS group then all the users will authenticated by ACS internaly or it will check AD also?

0 Helpful

George Stefanick
VIP Alumni
VIP Alumni
In response to m.bilal.iqbal

‎01-16-2012 11:30 PM

If you check the user record itself, there is a drop down as to where that user should authenticate against (acs or external).

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________
0 Helpful

m.bilal.iqbal
Level 1
Level 1
In response to George Stefanick

‎01-16-2012 11:38 PM

Are you talking about this user setup. yes i select windows database for it....

0 Helpful

George Stefanick
VIP Alumni
VIP Alumni
In response to m.bilal.iqbal

‎01-16-2012 11:44 PM

Ok if you have a user set up in ACS in a group and it is marked "windows" its getting sent to AD to get authenticated. Did you check your pass logs ? There is a field called database. This should show you if the user is ACS or AD. If its AD it will have the name of your domain (that was set up in ACS).

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card