ACS authenticating Windows DB

Hi everybody,
I have a server running ACS for Windows 3.3 used for 802.1x authentication. I have only one local ACS account (test) and I use an external DB to authenticate other users.
I asked Windows Domain administrator to create 3 groups:
- VLAN1 with 2 users
- VLAN2 with 2 users
- VLAN3 with 2 users
I configured the "unknown user policy" to check the Windows DB if the user is not local, and I configured the domain and mapped the ACS groups in the following way:
- ACS group VLAN1 is mapped to Windows leaf VLAN1 of domain ESMLAB
- ACS group VLAN2 is mapped to Windows leaf VLAN2 of domain ESMLAB
- ACS group VLAN3 is mapped to Windows leaf VLAN3 of domain ESMLAB
/Default DB is mapped to <no-access>.
The strange thing is that ACS's first choice is to use /Default, so users don't get access to the network! I tried to map /Default to VLAN1: users accessed the network and were associated with the correct VLAN. In this way I checked that ACS correctly connects to the DB to authenticate the user.
What could be the cause of ACS seeming to use /Default first instead of the correct mapping? What did I forget? Is the Windows DB configured correctly?
Thanks
Regards
Roberto

Mappings are checked from a top-down perspective, so if you have the \DEFAULT domain appearing below the ESMLAB domain then this should be OK. What's probably happening is that ACS is unable to get any of the users' Windows group mapping properties and therefore doesn't know that they're in the VLANx Windows group. Because of this ACS always maps them through to the catch-all \DEFAULT group and they get no access accordingly.
As for why ACS can't get the users' group mappings from Windows: it is usually a permissions problem, specifically which user the CS services are running under on the ACS device; most often even a domain administrator doesn't have the right permissions. You don't mention if ACS is running on a DC or just on a member server. Running it on a DC usually resolves most permissions problems, particularly on an AD.
You can try the following to set the permissions correctly:
Instructions for changing privileges:
1) On the AD, go to Administrative Tools -> Domain Security Policy -> Security Settings -> Local Policies -> User Rights Assignment and
a) double click on "Act as part of the operating system"
b) check the "Define these policy settings" checkbox
c) Click Add and enter: "domain\administrator"
d) Click Ok
e) double click on "Log on as a service"
f) check the "Define these policy settings" checkbox
g) Click add and enter : "domain\administrator"
h) Click Ok.
(Note: do the same for "Log on Locally")
2) Right click on "Security Settings" header and choose "Reload"
3) Log into the ACS machine with user = domain\administrator (please note that the user must be administrator and not another Domain Admin user).
4) Change the ACS services to run under domain\administrator and restart them all.
If that doesn't work, enable Full Logging under the System Config - Service Control page and restart the ACS services. Then try an authentication request and check the latest auth.log file under Program Files\CiscoSecure ACS v3.3\CSAuth\Logs; there'll probably be some errors about not getting RAS permissions. You may need to send this to the TAC for further analysis.

Similar Messages

  • ACS External Windows Authentication: Pre-Windows 2000 name only works

    Hello. I have attempted to map ACS to Windows AD 2003 as an external database. That works, but only if I authenticate using the pre-Windows 2000 name (sometimes called the "down-level" name).
    If I use the Windows 2003 login name, I get a 529 error in the event viewer, stating the username/password is incorrect. This error appears on the Windows 2003 SP1 server running ACS.
    Curiously, if I authenticate using the down-level name, the successful event shows the same authentication package (MICROSOFT_AUTHENTICATION_PACKAGE_V1_0) and "Workstation" and "Login Process" name (CISCO).
    I cannot determine if this is an ACS or Windows problem. Anyone have a clue?

    Win2003 logon name: [email protected]
    A Pre-Windows2000 name: [email protected]
    Interestingly, the down-level name will authenticate, but the "up-level" name will not.
    Here are excerpts from AUTH.log:
    Failed up-level name:
    AUTH 01/19/2006 07:52:04 I 4817 3604 Attempting authentication for Unknown User '[email protected]'
    AUTH 01/19/2006 07:52:04 I 0365 3604 External DB [NTAuthenDLL.dll]: Starting authentication for user [[email protected]]
    AUTH 01/19/2006 07:52:04 I 0365 3604 External DB [NTAuthenDLL.dll]: Attempting Windows authentication for user bob.smith
    AUTH 01/19/2006 07:52:04 E 0365 3604 External DB [NTAuthenDLL.dll]: Windows authentication FAILED (error 1326L)
    AUTH 01/19/2006 07:52:04 I 0365 3604 External DB [NTAuthenDLL.dll]: Reattempting authentication at domain COMPANY
    AUTH 01/19/2006 07:52:04 I 0365 3604 External DB [NTAuthenDLL.dll]: Attempting Windows authentication for user bob.smith
    AUTH 01/19/2006 07:52:04 E 0365 3604 External DB [NTAuthenDLL.dll]: Windows authentication FAILED (error 1326L)
    AUTH 01/19/2006 07:52:04 I 2124 3604 Unknown User '[email protected]' was not authenticated
    Passed down-level name:
    AUTH 01/19/2006 07:52:23 I 0365 3604 External DB [NTAuthenDLL.dll]: Starting authentication for user [[email protected]]
    AUTH 01/19/2006 07:52:23 I 0365 3604 External DB [NTAuthenDLL.dll]: Attempting Windows authentication for user bsmith
    AUTH 01/19/2006 07:52:23 I 0365 3604 External DB [NTAuthenDLL.dll]: Windows authentication SUCCESSFUL (by WINDC02)
    AUTH 01/19/2006 07:52:23 I 0365 3604 External DB [NTAuthenDLL.dll]: Obtaining RAS information for user bsmith from WINDC02
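
Both threads above end at the same file: the reply to the original question says to enable Full Logging and read CSAuth\Logs\auth.log for errors about RAS permissions, and the post just above quotes auth.log lines for a failed and a successful attempt. The Python script below is an added example, not code from either poster or from Cisco. It parses lines in that layout into one record per authentication attempt, decodes the Win32 error number ACS prints as "error NNNNL" (the number-to-name table is from the Win32 System Error Codes reference, not from the thread), and flags the two findings an administrator would act on: a rejected logon, and a password accepted by the DC with no RAS/group lookup following it, which is the symptom behind falling through to the \DEFAULT mapping in the first thread. The sample log is constructed to mirror the quoted excerpts; the account names are placeholders, and the field layout (tag, date, time, level, code, thread, message) is assumed from the excerpts only.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional

# Constructed sample in the shape of the CSAuth auth.log excerpts quoted above
# (same message texts and field layout; the account names are placeholders).
SAMPLE_AUTH_LOG = """\
AUTH 01/19/2006 07:52:04 I 4817 3604 Attempting authentication for Unknown User 'bob.smith@corp.example'
AUTH 01/19/2006 07:52:04 I 0365 3604 External DB [NTAuthenDLL.dll]: Starting authentication for user [bob.smith@corp.example]
AUTH 01/19/2006 07:52:04 I 0365 3604 External DB [NTAuthenDLL.dll]: Attempting Windows authentication for user bob.smith
AUTH 01/19/2006 07:52:04 E 0365 3604 External DB [NTAuthenDLL.dll]: Windows authentication FAILED (error 1326L)
AUTH 01/19/2006 07:52:04 I 0365 3604 External DB [NTAuthenDLL.dll]: Reattempting authentication at domain COMPANY
AUTH 01/19/2006 07:52:04 I 0365 3604 External DB [NTAuthenDLL.dll]: Attempting Windows authentication for user bob.smith
AUTH 01/19/2006 07:52:04 E 0365 3604 External DB [NTAuthenDLL.dll]: Windows authentication FAILED (error 1326L)
AUTH 01/19/2006 07:52:04 I 2124 3604 Unknown User 'bob.smith@corp.example' was not authenticated
AUTH 01/19/2006 07:52:23 I 0365 3604 External DB [NTAuthenDLL.dll]: Starting authentication for user [bsmith@corp.example]
AUTH 01/19/2006 07:52:23 I 0365 3604 External DB [NTAuthenDLL.dll]: Attempting Windows authentication for user bsmith
AUTH 01/19/2006 07:52:23 I 0365 3604 External DB [NTAuthenDLL.dll]: Windows authentication SUCCESSFUL (by WINDC02)
AUTH 01/19/2006 07:52:23 I 0365 3604 External DB [NTAuthenDLL.dll]: Obtaining RAS information for user bsmith from WINDC02
"""

# Names for the Win32 error numbers ACS prints as "error NNNNL" (the trailing L is
# only the C long suffix); taken from the Win32 System Error Codes reference.
WIN32_LOGON_ERRORS = {
    5: "ERROR_ACCESS_DENIED",
    1326: "ERROR_LOGON_FAILURE (unknown user name or bad password)",
    1327: "ERROR_ACCOUNT_RESTRICTION",
    1330: "ERROR_PASSWORD_EXPIRED",
    1331: "ERROR_ACCOUNT_DISABLED",
    1909: "ERROR_ACCOUNT_LOCKED_OUT",
}

# Field layout assumed from the excerpts: tag, date, time, level, code, thread, message.
LINE_RE = re.compile(r"^AUTH (\S+) (\S+) ([A-Z]) (\d+) (\d+) (.*)$")
START_RE = re.compile(r"Starting authentication for user \[([^\]]+)\]")
TRY_RE = re.compile(r"Attempting Windows authentication for user (\S+)")
DOMAIN_RE = re.compile(r"Reattempting authentication at domain (\S+)")
FAIL_RE = re.compile(r"Windows authentication FAILED \(error (\d+)L?\)")
OK_RE = re.compile(r"Windows authentication SUCCESSFUL \(by (\S+)\)")
RAS_RE = re.compile(r"Obtaining RAS information for user (\S+) from (\S+)")


@dataclass
class Attempt:
    """One external-DB authentication attempt, from 'Starting authentication' onward."""
    submitted: str                     # name exactly as the supplicant sent it
    account: Optional[str] = None      # name NTAuthenDLL actually presented to Windows
    domains_tried: List[str] = field(default_factory=list)
    errors: List[int] = field(default_factory=list)
    dc: Optional[str] = None           # DC that accepted the credentials
    ras_lookup: bool = False           # did ACS go on to read RAS/group information?

    @property
    def outcome(self) -> str:
        if self.dc:
            return "SUCCESS"
        return "FAILED" if self.errors else "INCOMPLETE"


def parse_auth_log(text: str) -> List[Attempt]:
    """Group auth.log lines into Attempt records; lines that do not fit are skipped."""
    attempts: List[Attempt] = []
    current: Optional[Attempt] = None
    for raw in text.splitlines():
        m = LINE_RE.match(raw)
        if not m:
            continue
        msg = m.group(6)
        if (s := START_RE.search(msg)):
            current = Attempt(submitted=s.group(1))
            attempts.append(current)
        elif current is None:
            continue                    # chatter before the first attempt starts
        elif (t := TRY_RE.search(msg)):
            current.account = t.group(1)
        elif (d := DOMAIN_RE.search(msg)):
            current.domains_tried.append(d.group(1))
        elif (f := FAIL_RE.search(msg)):
            current.errors.append(int(f.group(1)))
        elif (o := OK_RE.search(msg)):
            current.dc = o.group(1)
        elif RAS_RE.search(msg):
            current.ras_lookup = True
    return attempts


def find_problems(attempts: List[Attempt]) -> List[str]:
    """Reduce parsed attempts to the findings an ACS administrator would act on."""
    notes = []
    for a in attempts:
        if a.outcome == "FAILED":
            decoded = ", ".join(f"{e} {WIN32_LOGON_ERRORS.get(e, 'unknown Win32 error')}"
                                for e in sorted(set(a.errors)))
            where = a.domains_tried or ["default domain"]
            notes.append(f"{a.submitted}: Windows rejected '{a.account}' at {where} ({decoded})")
        elif a.outcome == "SUCCESS" and not a.ras_lookup:
            # Password accepted, but ACS never read the user's RAS/group information:
            # with no group data, the user falls through to the \DEFAULT mapping.
            notes.append(f"{a.submitted}: accepted by {a.dc} but no RAS/group information was read")
    return notes


if __name__ == "__main__":
    for note in find_problems(parse_auth_log(SAMPLE_AUTH_LOG)):
        print(note)
```

Run against a real auth.log, the script prints one line per rejected logon with the decoded Win32 error, and one line per accepted logon that was never followed by the "Obtaining RAS information" step; the second kind is what to look for when every user lands in \DEFAULT despite a correct mapping.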

  • ACS and Windows Domain / AD

    Hi All,
    In my environment there are two Windows domains, Domain A and B. ACS is configured on a member server in domain B and hence Windows authentication for users in Domain B is working fine. However, I'm unable to see domain A in Configure Domain List on the ACS server in the Windows Domain configuration menu.
    Please note, there is one way trust between domain A and B with Domain A trusting Domain B.
    Is there a way I can use the same instance of ACS to authenticate the users in Domain A as well? If YES, can you please guide me with some pointers - thanks.
    I'm using ACS and Windows AD elements to authenticate users for SSL Web VPN on ASA 5540.
    Appreciate quick help on this.
    -Satishcp

    Unfortunately we are not using the Cisco Secure ACS appliances; rather it's ACS ver 3.3 running on Windows 2000 Server (member server in Domain B).
    My guess is that Remote Agents for Windows / Solaris work with appliances alone.

  • ACs For Windows 4.1.(1) build 23

    Hi.
    We've got two Windows 2003 Server R2 machines with Cisco ACS for Windows 4.1(1) Build 23 installed, used for RADIUS user authentication, and nowadays we're trying to deploy a TACACS+ configuration to manage the network devices from those ACSs. The TACACS+ Accounting tab works fine and the accounting administration records or logs are updated, but when I click on the TACACS+ Administration tab the log files shown are empty. I knew about a bug in the 4.1 version; the question is:
    Can I fix the issue if I upgrade or install only the 4.1.1.23-5 patch?
    It´ll be enough?
    Many thanks.


  • ACS Authentication against Lotus Notes

    Hi Team, is it possible to authenticate Users via ACS against Lotus Notes, similar to MS AD? Regards, Michael

    I don't think it is possible to use ACS with Lotus Notes for user authentication. These are the external databases supported with ACS:
    a) Windows User Database
    b) Generic Lightweight Directory Access Protocol (LDAP)
    c) Novell NetWare Directory Services (NDS) when used with Generic LDAP
    d) LEAP Proxy Remote Authentication Dial-In User Service (RADIUS) servers
    e) Token servers
    f) Open Database Connectivity (ODBC)-compliant relational databases (ACS for Windows)

  • Installing AUTHENTIC windows 7 ultimate 64bit on Macbook Pro - ERROR, help!

    I am trying to install Windows 7 Ultimate 64-bit (not the beta or RC, this is an authentic Windows 7 DVD, Signature Edition) on my MacBook Pro using Boot Camp. When the computer tries to reboot, I get a message that says:
    1.
    2.
    select cd-rom boot type:"
    I saw forum posts with this problem where people were using improperly burned Windows 7 versions; however, this is not a burned DVD, it's authentic from Microsoft. This means I can't reburn the DVD...
    Any suggestions?!

    Did you by any chance install Snow Leopard on your MacBook Pro?
    My MacBook Pro was working perfectly fine. Installed windows many times the last 2-3 years and never had problems.
    I installed Snow Leopard a couple weeks ago and since then I get this exact same error with all my Windows Install discs (ones that always worked before!).
    Whatever I do. I can't get any Windows installed anymore.
    The discs are fine; the Boot Camp menu reads them and recognises them. But the moment you try to boot from one you end up with the error the OP is describing!
    And all this after I installed Snow Leopard. Restoring to previous versions of Mac OS X did not help!
    So it seems that the Snow Leopard installation does something to the DVD drives on the MacBook Pros (upgrading firmware, whatever) and now it's ruined!!

  • Authentication Window

    Hi
    I have installed Snow Leopard 4 times now and each time I get to a point where I cannot see the authentication window. First things first. When I installed it everything was OK; I installed some software, and after some time when I wanted to install something using Installer, when I got to the last part where I click Install it just blinked to acknowledge the mouse click but nothing happened (there should be an authentication window for the user password but it doesn't show). The same is with locks. There are some locks in different parts of System Preferences (like in Accounts) and every time I click on one I get a message "Authenticating" (and again the authentication window should show up) but after a second or two it returns to "Click the lock to make changes." Anybody had a similar problem? It only occurs in Snow Leopard. I have tried an upgrade on Leopard as well as an Erase and Install, no difference.

    Hi my good friends,
    Are there other possible causes or solutions to this problem? I have exactly the same problem but I think the keyboard layout is not the cause, at least in my case. Snow Leopard chooses the correct keyboard layout, the standard *"ANSI 102 keys US and Others"*. Also I heard that a possible cause could be duplicate fonts. I opened Font Book and clicked *"Select Duplicate Fonts"* and found some duplicates (shown with a yellow triangle next to them) and then clicked *"Resolve Duplicates"*. Well, that didn't do the trick either.
    Please let's keep the brain juices flowing to see if we can fix this problem for real. Thanks very much

  • Asking authentication window for annonymous users enable bi site when view dashboards or (deploy dashboards to view by anonymous users in sharepoint 2013 )

    Hi
    In SharePoint 2013 I created a BI Center site:
    1) I followed the best practices from TechNet for how to create the Secure Store Service and PerformancePoint Service applications,
    2) added the Unattended Service Account permissions in the SSAS data sources,
    3) gave db_owner permissions for the PerformancePoint Service application pool account in the content database.
    4) My requirement is that deployed dashboards and pointers can be viewed by any users without logging in to the SharePoint web application, so I enabled anonymous access for the whole web application and the BI site.
    But even when I open BI dashboards without login as a user with view permission, it asks for the authentication window.
    I opened Dashboard Designer and deployed using the spfarm user on the SharePoint web front end server.
    adil

    PerformancePoint generally does not support Anonymous access, as is the case when using Excel Services data connections:
    https://technet.microsoft.com/en-us/library/ff191193.aspx
    Trevor Seward
    This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

  • Can Appliance 1113/1120 running ACS 4.1 replicate to ACS for Windows 4.2.1.15.2

    Anyone tested/tried replication from ACS 4.1 (running on an appliance) to ACS for Windows 4.2(1)?

    Hi ,
    For replication to work between the two ACSs they should be on the same version and patch level.
    Thanks
    Waris Hussain.

  • Authentication window not populating when attempting to move a file

    When attempting to move a file that will need administrator authentication, the authentication window to enter a password does not populate. Thus, I am unable to move the file.

    Linc,
    I didn't get back to you this week as we've discovered a number of other "interesting" issues with the iMac. They all seem to (possibly) be related to privilege issues: 1. Cannot move photos to ~/Library/Desktop Pictures. 2. Cannot access System Preferences/Security & Privacy (click on the lock to make a change and the User Name and Password "Unlock" window will not appear). 3. When attempting to install the MS Office for Mac update, the installer will not respond. 4. Cannot boot from an external drive. The computer wants to reinstall OS X Yosemite when attempting to boot from an external drive.

  • Proxy authentication window

    I've installed Java Web Start and I'm experiencing the following behaviour.
    My web browser has a proxy configured and in the Java Web Start preferences it's specified to use the browser configuration (not manual).
    Now, sometimes the window asking for proxy authentication appears, even when I'm not launching a Java Web Start application.
    It seems to me that the proxy authentication window appears when a new Java Virtual Machine is invoked.
    Is it a known behaviour? What's the reason for it? How can we avoid it?
    We think it would be very annoying for a user being asked repeatedly for proxy authentication, especially when he/she doesn't understand the reason why it happens.
    My best regards
    Cristina Tomacelli
    Italy

    ... to tweak the config files ?
    If you are on Win32 and your proxy is using à la NTLM authentication then the 1.4.2 should fix this...
    Tchao.
    Jean-Baptiste Bugeaud
    http://www.up2go.net - WebStart @ the MAX !

  • SMB/CIFS authentication window constantly pops up

    I have an Airport extreme.
    I connect my PowerBook via AirPort and my PowerMac via ethernet.
    I have a hard disk connected to the AirPort.
    Yesterday on my PowerBook the SMB/CIFS authentication window constantly pops up.
    I have never set up any workgroup, so if I click on Cancel another window will appear in a few seconds;
    the same if I insert any password I have ever used in my life.
    HELP ME!!

    reformat the disk as HFS+ and access it using AFP.

  • Identify Patch Version in ACS for Windows 4.2

    Hi guys,
    I need to identify the correct patch Version in a Customer ACS for Windows 4.2
    How can I do this task ?
    In the About page I cannot find any reference to the patch.
    My Best Regards,
        Andre Lomonaco

    Hi Lomon,
    After logging in to the ACS application, you can click on the Cisco logo on the top left... You can find the patch version there. Please refer to the screenshot below.
    Please do rate if the given information helps.
    By
    Karthik

  • ACS for Windows 4.01 question

    Easy question: how do you see the serial number for ACS for Windows? Is there a command line, or is it just the PAK # licenses?
    Thanks.

    Hi,
    No serial number for ACS for windows. No license required for ACS for windows.
    Hope this helps.
    Regards,
    Anisha
    P.S.: please mark this post as answered if you feel your query is resolved. Do rate helpful posts.

  • Password History Validation - ACS for Windows 4.2.x

    Hello,
    I'm evaluating the Secure ACS for Windows v4.2 platform against PCI DSS v2.0, specifically the "Implement Strong Access Control Measures" section.
    We currently run version 4.0(1) Build 27 and use local user and password management.
    For a variety of reasons I'd prefer to maintain this approach rather than pursue integration with an external identity store such as AD, but I need to know whether or not the in-built password validation options are stringent enough to meet all of the relevant requirements.
    I believe from the research I've done so far that version 4.2.x should meet the majority, but there is one in particular about validation of previously used passwords that I'm still unclear on.
    In the "Local Password Management" section of the ACS 4.2.1 User Guide (Text Part Number: OL-20208-01) it states that the password validation options include "Password is different from the previous value".
    The PCI standard states: "Do not allow an individual to submit a new password that is the same as any of the last four passwords he or she has used."
    Q) How many previous passwords is the newly submitted password validated against? Is it just the last one or will it check against more? Is there any way to configure how many it checks against?
    Any help or guidance very much appreciated.
    Cheers,
    Nick

