05-23-2008 07:09 PM - edited 07-03-2021 03:55 PM
Hi All,
I'm using ACSE 4.1+4402+Windows Database, we want to limit one username/password can only be used one time for authentication in the same time. Right now, we found we can use the same username/password to login to the WLAN from different laptops at the same time. I have tried to set "max sessions per user" to be 1 in ACSE's group configurations(user will use group setting), but it didn't work, we can still use two laptops to login to the WLAN by using same username/password at the same time, and in ACSE's passed authentication log, we can see different client had used the same username to login to the WLAN.
Any ideas? Thanks!
05-24-2008 07:36 PM
Try to set this in the wlc:
config netuser maxEapUserLogin 1
or
config netuser maxuserlogin 1
I know this works for local users, but might work in your case too.
05-25-2008 04:43 PM
Hi Scott,
Thanks for your advice, what version have you tested with this command? I use 4.2.112, it didn't work if I use ACSE to authenticate.
05-25-2008 06:25 PM
I have only tested with the 4.0 version. the only thing I can suggest is to open a TAC cas with the security AAA group. I have never tried to only allow one user, but since that is a selection in ACS, openeing a case with the wrieless TAC will only lead you back to the AAA team.
05-25-2008 07:30 PM
I was just reading your post again and noticed you set the max user to 1 on the group and not on the user in that group. The weird thing is that the user profile overrides the group setting. Either set it per user or verify that it is set to use group settings. That should work, if not.... I would open a TAC case.
05-25-2008 08:02 PM
I have configured the user to use group setting. However, I have also tried to set it at user level, the same result. I will open a TAC case. Thanks for your help!
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: