Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search instead for
Did you mean:
Machine authentication fails and the "DsCrackNames failed" error message appears in the auth.log file of the ACS
This issue is due to the presence of Cisco Bug ID CSCsd52574.
When machine authentication, either Extensible Authentication Protocol-Flexible Authentication via Secure Tunneling (EAP-FAST) or Microsoft Challenge-Handshake Authentication Protocol (MS_CHAP), is attempted after the Cisco Secure Access Control Server (ACS) has lost and then regained connectivity to the global catalog server, authentication can fail and the MachineSPNToSAM: __DsCrackNames failed auth.log error message can be generated in the auth.log file.
This issue occurs in an environment where there is more than one global catalog server for the domain. ACS does not search for the secondary catalog server if the primary goes down.
Note: This issue is particularly seen when ACS is installed on a domain member server.
The temporary workaround for this issue is to re-start csauth.exe.
In order to completely resolve this issue, download and apply the ACS patch version 4.1(1) or higher.