Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

Bronze

how to limit one username can be only used one time for authentication?

Hi All,

I'm using ACSE 4.1+4402+Windows Database, we want to limit one username/password can only be used one time for authentication in the same time. Right now, we found we can use the same username/password to login to the WLAN from different laptops at the same time. I have tried to set "max sessions per user" to be 1 in ACSE's group configurations(user will use group setting), but it didn't work, we can still use two laptops to login to the WLAN by using same username/password at the same time, and in ACSE's passed authentication log, we can see different client had used the same username to login to the WLAN.

Any ideas? Thanks!

5 REPLIES
Hall of Fame Super Silver

Re: how to limit one username can be only used one time for auth

Try to set this in the wlc:

config netuser maxEapUserLogin 1

or

config netuser maxuserlogin 1

I know this works for local users, but might work in your case too.

-Scott
*** Please rate helpful posts ***
Bronze

Re: how to limit one username can be only used one time for auth

Hi Scott,

Thanks for your advice, what version have you tested with this command? I use 4.2.112, it didn't work if I use ACSE to authenticate.

Hall of Fame Super Silver

Re: how to limit one username can be only used one time for auth

I have only tested with the 4.0 version. the only thing I can suggest is to open a TAC cas with the security AAA group. I have never tried to only allow one user, but since that is a selection in ACS, openeing a case with the wrieless TAC will only lead you back to the AAA team.

-Scott
*** Please rate helpful posts ***
Hall of Fame Super Silver

Re: how to limit one username can be only used one time for auth

I was just reading your post again and noticed you set the max user to 1 on the group and not on the user in that group. The weird thing is that the user profile overrides the group setting. Either set it per user or verify that it is set to use group settings. That should work, if not.... I would open a TAC case.

-Scott
*** Please rate helpful posts ***
Bronze

Re: how to limit one username can be only used one time for auth

I have configured the user to use group setting. However, I have also tried to set it at user level, the same result. I will open a TAC case. Thanks for your help!

157
Views
0
Helpful
5
Replies