Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

problems with device manager tacacs authentication

We've recently upgraded our Device Manager to 4.1(3a) and have a mix of switches running this version as well as older versions (3.3(3)). We use AAA tacacs+ on the switches to a Cisco ACS server for user authentication. The ACS server backends out to our Windows Domain authentication service. Typically usernames are formatted as follows: domain\username

This has worked fine for a long time, however now DM 4.1(3a) can't authenticate a user on a 3.3(3) switch. Various debugs and logs on the ACS point to problems handling the \ character in the username. A single \ gets "eaten" by either DM or the switch(don't know which) and the ACS sees a login attempt from domainusername, which of course fails.  A \\ doesn't work either, in this case both \ characters are passed through to the ACS which now see a login attempt from domain\\username which also fails.

Looked at all the release notes, CCO bug searches, google and previous forum articles and found nothing on this.

Any help would be appreciated.



  • Storage Networking
Everyone's tags (3)
This widget could not be displayed.