Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1063
Views
0
Helpful
1
Replies

ACS server no longer authenticating

Colin Higgins
Level 2
Level 2

‎11-25-2013 06:56 AM - edited ‎02-21-2020 05:02 AM

Not sure which forum to put this in, but here it goes

I have a Cisco ACS server 4.1 that provides authentication to routers and switches on my network via tacacs+

The software was installed on a Windows 2003 domain controller, but we had to do a dcpromo to make it a standard domain member server.

Now the ACS server no longer accepts authentication requests

Has anyone see this before? Can I fix it?

0 Helpful
1 Reply 1

Colin Higgins
Level 2
Level 2

‎11-26-2013 07:34 AM

OK, I can add a little to this:

ACS server service account has been given rights to log on locally, act as part of the OS, and to log in as a service. The machine seems to be correctly on the domain, and the domains show up in the database field within ACS when configuring authentication. The DNS servers were also changed on the ACS server to point to our new DNS (which is working fine for all other machines).

When I try to authenticate against ACS from a router, I see a message in the auth.log saying windows authentication failed with a code of 6L

So my question is, what has changed? What am I missing?

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card