Cisco Support Community

New Member

LEAP, ACS 3.1 Active Dir username changes

We have an active directory domain.

We have users with 350 PCMCIA cards in their ThinkPads connecting to 1200 APs set to allow authentication to an external DB (the AD domain).

Everything was happy until a user got married.

Her name changes.

My day is ruined.

Now, when she logs in, the ACS server flags it as a failed attempt instantly. I can replicate this perfectly. It doesn't allow her to log in. When she sits down at a wired machine she can log in with no problems. So we know the account is good. What I can't understand is why, if we're set to pass unknown users and all authentication to the external DB (AD domain), this doesn't work? Surely the ACS server should just treat this new username as unknown and bounce it to the AD domain?

Anyone seen this before? Or perhaps more importantly, anyone fixed this yet? I've posted over at CCO on the Cisco site and no luck there yet. I've also googled extensively and found nothing of use. Lots of info on password changes but nothing on username changes.

Many thanks

J

note: edited for clarity

2 REPLIES
New Member

Re: LEAP, ACS 3.1 Active Dir username changes

What does the error in the "Failed Attempts" log say on the ACS server?

Is there a single AD domain in your org? If there are multiple domains, could there be a user with the same username in another domain that ACS is checking first?

New Member

Re: LEAP, ACS 3.1 Active Dir username changes

Jmatusie,

Interesting thought, but there is only one user with this ID throughout the organisation.

J
