Issue with LDAP login authentication in CMC console

Similar Messages

• Issue with form based Authentication in three tier sharepoint 2013 environment.

  Hi,
  We are facing issue with form based Authentication in three tier environment.
  We are able to add users to the database and in SharePoint.
  But we are not able to login with created users.
  In single tier everything working fine
  Please help , Its urgent ... Thanks in advance.
  Regards,
  Hari
  Regards, Hari

  if the environments match, then it sounds like a kerberos double-hop issue
  Scott Brickey
  MCTS, MCPD, MCITP
  www.sbrickey.com
  Strategic Data Systems - for all your SharePoint needs

• Photoshop issue with network login

  All my editors are having issues with photoshop and creating a new document. The program launches fine, but when they go to create a new document, they get the RWOD and it locks up and needs to be force quit.
  If I login to the local account I can launch photoshop and create a new document without any issues. I have checked the system log in Console, but it does not show me anything that would appear to cause issues. I ssh to that machine and watched system log while they attempted to create a new document and nothing showed up at all.
  Anybody have any ideas on what would be causing this? I have tried trashing the prefs as well with no luck. Thanks

  there was no error occured in AE monitoring as per logs it processed successfully, but receiver party which is outside organization network complained saying that they receive this file empty.
  Logs for your reference received by third party:-
  2011-08-26 08:23:35 XXX.XXX.XX.XXX 21 980 XXX.XXX.XX.XXX 33081 3172 XXXX-X-p@br 0 0 File Name 3 >>FILE INFO: D:\ftp\kunden\File Name was opened. Sharing is 1. File Handle is 0x00000b24.
  2011-08-26 08:23:35 XXX.XXX.XX.XXX 21 980 XXX.XXX.XX.XXX 33081 3172 XXXX-X-p@br 0 0 File Name 3 Did not receive any data, Error=1506, SubError=0, WSAError=0
  2011-08-26 08:23:35 XXX.XXX.XX.XXX 21 980 XXX.XXX.XX.XXX 33081 3172 XXXX-X-p@br 0 0 File Name 15 >>FILE INFO: D:\ftp\kunden\File Name was closed. File Handle is 0x00000b24.
  2011-08-26 08:23:35 XXX.XXX.XX.XXX 21 980 XXX.XXX.XX.XXX 33081 3172 XXXX-X-p@br 0 0 File Name 15 Finishing STOR, Triggering events manager for FX_EVENT_FILE_WRITE_SUCCESS
  2011-08-26 08:23:35 XXX.XXX.XX.XXX 21 980 XXX.XXX.XX.XXX 33081 3172 XXXX-X-p@br 0 0 File Name 15 RESPONSE: 226 Closing data connection. Transferred 0 bytes in 1 seconds. 0KB/second.
  where in PI we could see message contains data and message has been successfully processed, could it be issue on receiver end?
  thanks.

• Issue with LDAP sign in

  Hello experts,
  We have hooked up our BO application with LDAP in our company. In BOE configuration evry thing went fine. But, when the user from LDAP side tries to login into  BO it  is  not accepting their USER ID's indeed they are able to login with their full CN and DN names.
  Details..
  > users cannot login with their original id's.
  > but they are able to login with cn and dn names.
  I tried to change the settings of BO searching criteria in ldap groups. but i am not able to do that.
  anyone faced these kind of issue.. please help me guys. 
  Points will be assigned for every small clue.
  Thanks
  Prashanth

  The user search name is the value you should be looking at in the LDAP attributes, that's the one that it will send to LDAP on a logon attempt. If you changed this value after mapping a group, I'm not sure but you may have to remap the group to get the change.
  So on the LDAP side verify the user search attribute = the username you expect to login with (i.e. cn, samaccountname, uid, etc)
  Regards,
  Tim

• Issue with Administrator Login to CMC

  Hi,
  I have been trying to log on as 'Administrator' to CMC with blank password, but it is failing. I was able to log in before without any password. I am getting the following error message:
  "Enterprise authentication could not log you on. Please make sure your logon information is correct. (FWB 00008)"
  Any thoughts why this might be happening now?
  We are on Linux server with Business Objects Edge 3.1
  Thanks...

  Hi
    Make sure by default your CMC page is pointing to same CMS that you were able to logon
  Regards
  Ashwini

• Issue with LDAP Connection becuase of Network issue

  Hello All,
  We have some network issues going on which is causing the NIC (Network interface card) to failover to another NIC. Due to this failover SUN access manager's LDAP connection pool fills up and we see errors in logs "Directory is down". We have to restart the Access manager to resolve this issue which refresh the connection pool of LDAP.
  Now we have set the setting as recommended in admin guide/tuning guide. Like
  1. Set event connection idle timeout to less that firewall or loadbalancer idle timeout value.
  2. event connection retry count and interval on perticular error code.
  Despite of above settings its not working out. Is there other way to get all the stale connections back to the LDAP pool without restarting the server?
  Or something which handles the network failover or failback?
  Regards
  Chetan Kulshrestha

  The user search name is the value you should be looking at in the LDAP attributes, that's the one that it will send to LDAP on a logon attempt. If you changed this value after mapping a group, I'm not sure but you may have to remap the group to get the change.
  So on the LDAP side verify the user search attribute = the username you expect to login with (i.e. cn, samaccountname, uid, etc)
  Regards,
  Tim

• *Strange* Issue with WPA2-LEAP Authentication

  I suppose I should preface this with the fact that my poor little laptop uses one of the dreaded Broadcom cards (Dell Studio 1555 & BCM4312).
  A while back, I decided I would experiment with Gentoo on my laptop. No wireless. Couldn't get it to work for weeks. Ditched Gentoo and went back to Arch. No wireless. Tried that for another couple of weeks. No wireless, tried Ubuntu, Ubuntu Studio, OpenSUSE, Puppy, Debian, and Arch, again. On the last try, it finally worked. By accident. I discovered that my computer now reads the ethernet port as eth1 and the wireless as eth0 for whatever reason (I've seen eth1 as wireless before, this is the first time that I've seen it as eth0).
  Now, here is my issue. I live on a university campus which requires a username and password to log on to the campus wireless. I am currently connected to a contraband router in a student lounge because I can't connect to the standard dorm wireless.
  My computer seems to have no problem with connecting to regular WPA2 networks, but it fails connecting every time that it tries to authenticate the university network.
  Just wanted to hear your two cents. I'm moving off-campus soon, so it doesn't matter, I just wanted to hear y'all's opinion on this and how to possibly fix it in the few days that I am still here.
  EDIT: I am using wicd.
  Last edited by janvaletin (2012-05-07 11:22:18)

  Found the cause of this issue. For authentication against LDAP with APEX you have to make sure that your APEX_XXXXXX has the correct network ACL priviliges.

• Issue with web access in view administrator console after connection server 5.5 installation.

  Hi All,
  I am  trying to bring up my setup with ESXi 5.5 and vcenter 5.5 U2. I made a DNS server and made two 2008 R2 machines and launched vcentre and connection manager on them.
  After installing connection server 5.5, I am unable to open the web UI by clicking "view administrator console" icon on my desktop! I installed proper certificated and iis module too and confirmed that my https certificate is properly working. (snapshot attached, filename - snapshot_view_webpage.jpeg)
  I google for the possible error and tried below mentioned links but none of them worked.
  1.)    http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2004759
  Corrected this error but still system is in same shape and i am unable to get the console's admin webpage.
  2.)    http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2001277
  In this method, my admin folder  didn't got recreated as the service restart got stuck for a long time and throws error that service restart got time out!!(snapshot attached)
  Can some one please help me to move forward. Please let me know if you need more information from my end.
  Thanks,
  Jeevan

  Since the policy AKS is top in sequence under service selection rule so it should hit for sure. As you wrote that even after disabling the default device admin, then also request is hitting the same and restarting the ACS services resolved the issue. The symptoms of your issue are exactly same as stated in this defect.
  CSCuo93378    Certain browsers cause ACS database corruption
  Due to this issue we have seen cases where request hits the disable and default policies without any reason. Actually accessing ACS via chrome mess around with all the operators in conditions.
  The only workaround is to access all the rules and conditions in supported browser. Ensure all the operators are correct, save the changes and restart the ACS services.
  The issue seems to be fixed in ACS 5.5 patch 5
  Regards,
  Jatin

• ML 10.8.3: issue with netuser login

  Hi all,
       I've setup a ML 10.8.3 MacMiniServer. Latest Servertools are installed. DNS and OD are up and running perfectly. Due to the fact, that I need performance and reliability for the the netusers homefolders, I've created a folder NetUsers on a RAID10 volume (two external RAID1 HHD housings linked together as a RAID0 using the software RAID function in diskutility) and started creating users with their homefolders located there. The old Users-folder is still in place for local server users. What happens now is that netusers who have their homefolders located in the NetUsers folder on the RAID10 volume are able to login to any Mac client. So far, so good. But if I use quick user switch and try to login a second NetUser on the same client while the first one is still logged in, the log on the Mac client shows this:
  May 15 22:31:49 ws02.fritz.box authorizationhost[1190]: ERROR | -[HomeDirMounter mountNetworkHomeWithURL:attributes:dirPath:usernam e:] | PremountHomeDirectoryWithAuthentication( url=afp://macminiserver.homenet/NetUsers, homedir=/Network/Servers/macminiserver.homenet/Volumes/filevolume/NetUsers/user 01, name=user01 ) returned 16
       I did some research and found out that this only happens to netusers with the homefolders stored on the RAID10 volume. Any netusers created with their homefolders stored in the original Users folder are able to login to the Mac client while another netuser is already logged in.
       I've checked all the permissions (UNIX permissions and ACL) and find them all identically.
       Is somebody able to help me with this issue? What does errorcode 16 mean? I've googled a lot but cannot find a list of errorcodes and descriptions of them. Any help is highly appreciated!
  BR
  Jens

  Linc,
       thanks for the links, but they don't really help me, because multiple netuser can log into a i.e. MacBookPro at the same time if their homedirs are stored in the default Users-folder. If their homefolders are stored in the new homefolder on the ext. drive multiple logins fail. So, it's pretty clear AFP can handle this, but obviously there's something wrong with the ext. homedirfolder.
  And. I'm not loging in with network users to the server itself. I'm just talking about Clients like iMacs and MBPros.
  BR
  Jens

• Issue with creating login session in C#

  I am attempting to work on integration with our application using C#. I am having an issue getting the C# login example to work. I am using the corresponding pod identifier for my instance in my url and my user account is configured with the correct access rights for the user I am using to log in.
  I am able to make ws requests directly with the soapUI testing utility and including the credentials in the request as a UsernameToken element, but when I attempt to run the example code in the C# login example, I get a 500 internal server error and this response from the server:
  <?xml version="1.0" encoding="UTF-8"?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><soap:Fault><faultcode>soap:Server</faultcode><faultstring>Server</faultstring><detail><ErrorCode>SBL-ODU-01006</ErrorCode><ErrorMessage>REQUEST DENIED: Quota &apos;WS-SESSION:AHMA-LEC4G&apos; does not have sufficient available quota.(SBL-ODS-00318)</ErrorMessage></detail></soap:Fault></soap:Body></soap:Envelope>
  I have been unable to find anything about either of the error codes that point to this similar situation besides people getting the 01006 error when they had URLs incorrect.
  If anyone has any insight as to what I may be doing incorrectly, please let me know.
  Thanks.
  Edited by: user13027546 on Apr 27, 2010 6:44 AM

  I am facing the same issue in my Java project. I coded it a few weeks back and all was working well until my trial version expired. Today when I applied for a new trial to complete the initial POC for SOD integration, it didn't let me login using the API. Gave me the following error:
  <?xml version="1.0" encoding="UTF-8"?>
       <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
            <soap:Body>
            <soap:Fault>
                 <faultcode>soap:Server</faultcode>
                 <faultstring>Server</faultstring>
                 <detail>
                      <ErrorCode>SBL-ODU-01006</ErrorCode>
                      <ErrorMessage>REQUEST DENIED: Quota &apos;WS-SESSION:AHMA-QXQHA&apos; does not have sufficient available quota.(SBL-ODS-00318)</ErrorMessage>
                 </detail>
            </soap:Fault>
       </soap:Body>
  </soap:Envelope>
  IntegDeveloper, were you able to fix the issue in C#?
  Sean, I don't think there is a SOAP request corresponding to the login request, because its a simple HTTP Connection that we open and pass the credentials to.
  Need help!!!
  Thanks,
  Salman
  Edited by: user13106189 on May 11, 2010 7:40 AM

• Issues with LDAP Server | Solaris 8

  Hi All,
  In my project we are using Solaris 8 as LDAP server for authentication. Some folders owner and group is assigned to LDAP user by default. I think it should be root and others.
  Please find the below example:
  *8 drwxr-xr-x 42 gip_admin set_investors_author 3584 Jan 24 00:01 .
  *8 drwxr-xr-x 42 gip_admin set_investors_author 3584 Jan 24 00:01 ..
  6 -rw-rw-r-- 1 gip_admin ampm_retail_english_author 2062 Jan 22 14:03 archive
  2 drwxr-xr-x 2 root nobody 512 Aug 6 2003 cdrom
  2 drwx--l--- 3 gip_admin set_investors_author 512 Dec 9 07:33 data
  2 drwxr-x--- 2 root other 512 Nov 12 16:20 data1
  Can you please help me to solve this issue.....
  Thanks in Advance
  Manju

  Hi,
  Its is not mounted on NFS. It is local disk only.
  Its is Solaris 8 server.
  # ls -lan
  drwxr-xr-x 18 0 0 1536 Dec 11 05:00 .
  drwxr-xr-x 46 91550 94293 2560 Jan 11 10:37 ..
  -rw-rw-rw- 1 0 1 524204 Aug 2 2006 110951-06.jar
  drwxr-xr-x 2 0 1 512 Dec 11 05:01 Backup_files
  -rw------- 1 0 1 17 Apr 22 2005 DBVERSION
  drwxrwxr-x 2 101 2000 512 Oct 18 2004 DD
  drwxr-xr-x 2 0 1 512 Sep 19 2006 J2SEPatch-13092006
  #cat /etc/passwd
  root:x:0:1:Super-User:/:/usr/bin/bash
  daemon:x:1:1::/:
  bin:x:2:2::/usr/bin:
  sys:x:3:3::/:
  adm:x:4:4:Admin:/var/adm:
  lp:x:71:8:Line Printer Admin:/usr/spool/lp:
  uucp:x:5:5:uucp Admin:/usr/lib/uucp:
  nuucp:x:9:9:uucp Admin:/var/spool/uucppublic:/usr/lib/uucp/uucico
  listen:x:37:4:Network Admin:/usr/net/nls:
  nobody:x:60001:60001:Nobody:/:
  noaccess:x:60002:60002:No Access User:/:
  nobody4:x:65534:65534:SunOS 4.x Nobody:/:
  basant:x:1001:10::/apps/basant:/bin/sh
  tis:x:1003:1::/apps/tis/:/usr/bin/bash
  ldap:x:1004:100::/home/ldap:/bin/sh
  iwui:x:100001:60001:Interwoven TeamSite UI Daemons User:/apps/iw-home:/bin/sh
  oracle:x:1002:101: Oracle user:/apps/oracle:/bin/sh
  vadmin:x:100002:1::/apps/vadmin/:/bin/sh
  sshd:x:100003:2003:sshd privsep:/var/empty:/bin/false
  temp:x:111112:1::/home/temp:/bin/sh
  verity:x:111113:1::/apps/verity/:/usr/bin/bash
  test1:x:12312311:1::/home/test1:/bin/sh
  hai:x:12312312:1::/home/hai:/bin/sh
  #cat /etc/group
  [root@sun5-/opt]# cat /etc/group
  root::0:root,tomcat
  other::1:bpeditor,lpg_admin,lpg_author,lpg_publisher
  bin::2:root,bin,daemon
  sys::3:root,bin,sys,adm
  adm::4:root,adm,daemon
  uucp::5:root,uucp
  mail::6:root
  tty::7:root,tty,adm
  lp::8:root,lp,adm
  nuucp::9:root,nuucp
  staff::10:
  daemon::12:root,daemon
  sysadmin::14:
  nobody::60001:
  noaccess::60002:
  nogroup::65534:
  iplanet::100:
  dba::101:
  sshd::2003:
  apps::94356:
  testa::12312323:
  oat_users_test::12312325:
  Thanks

• Issue with Lion login screen

  Any idea why this might be happening when Lion gets woken up from sleep?

  Have you got this box ticked:
  Regards,
  Colin R.

• Issues with OSSO ,custom login module and form based authentication

  Hi:
  We are facing issues with OSSO (Oracle Single Sign on ),Our application use the form based
  authentication and Custom login module.
  Application is going in infinite loop when we we try to login using osso ,from the logs
  what I got is looks like tha when we we try to login from OSSO application goes to the login
  page and it gets the remote user from request so it forwards it to the home page till now
  it is correct behaviour ,but after that It looks like home page find that authentication is
  not done and sends it back to the login page and login page again sends it to the home as it
  finds that remote user is not null.
  Our web.xml form authentication entry looks like this :
  <login-config>
  <auth-method>FORM</auth-method>
  <form-login-config>
  <form-login-page>/jsp/login.jsp</form-login-page>
  <form-error-page>/jsp/couldnotlogin.jsp</form-error-page>
  </form-login-config>
  </login-config>
  While entry in orion-application.xml has the following entry for custom login :
  <jazn provider="XML">
       <property name="custom.loginmodule.provider" value="true" />
  <property name="role.mapping.dynamic" value="true" />
  </jazn>
  Whether If I change the authentication type to BASIC and add the following line
  in orion-application.xml will solve the issue :
  <jazn provider="XML">
       <property name="custom.loginmodule.provider" value="true" />
  <property name="role.mapping.dynamic" value="true" />
  <jazn-web-app auth-method="SSO" >
  </jazn>
  Any help regarding it will be appreciated .
  Thanks
  Anil

  Hi:
  We are facing issues with OSSO (Oracle Single Sign on ),Our application use the form based
  authentication and Custom login module.
  Application is going in infinite loop when we we try to login using osso ,from the logs
  what I got is looks like tha when we we try to login from OSSO application goes to the login
  page and it gets the remote user from request so it forwards it to the home page till now
  it is correct behaviour ,but after that It looks like home page find that authentication is
  not done and sends it back to the login page and login page again sends it to the home as it
  finds that remote user is not null.
  Our web.xml form authentication entry looks like this :
  <login-config>
  <auth-method>FORM</auth-method>
  <form-login-config>
  <form-login-page>/jsp/login.jsp</form-login-page>
  <form-error-page>/jsp/couldnotlogin.jsp</form-error-page>
  </form-login-config>
  </login-config>
  While entry in orion-application.xml has the following entry for custom login :
  <jazn provider="XML">
       <property name="custom.loginmodule.provider" value="true" />
  <property name="role.mapping.dynamic" value="true" />
  </jazn>
  Whether If I change the authentication type to BASIC and add the following line
  in orion-application.xml will solve the issue :
  <jazn provider="XML">
       <property name="custom.loginmodule.provider" value="true" />
  <property name="role.mapping.dynamic" value="true" />
  <jazn-web-app auth-method="SSO" >
  </jazn>
  Any help regarding it will be appreciated .
  Thanks
  Anil

• LDAP/AD Role group user login issue in sharepoint 2010 FBA with LDAP

  Hi.
  I created sharepoint 2010 site with LDAP FBA.If I add the AD user as form based user and try to login to my site its working very well but if I add a AD Group in to my site and try to login with one of the AD user of this group its say "Access
  Denied".
  In my project we want add AD group in sharepoin Groups not a individual AD users.
  Can anyone help me with this please its urgant?

  I added both LDAP membership and LDAP Role provider.And I can also find groups in people picker in my Central Admin and FBA Web app site colleciton.  
  <add name="ADMembers"
  type="Microsoft.Office.Server.Security.LDAPMembershipProvider, Microsoft.Office.Server, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71E9BCE111E9429C"
  server="company.com"
  port="389"
  useSSL="false"
  userNameAttribute="sAMAccountName"
  userContainer="DC=company,DC=com"
  userObjectClass="person"
  userFilter="(|(ObjectCategory=group)(ObjectClass=person))"
  userDNAttribute="distinguishedName"
  scope="Subtree"
  enableSearchMethods="true"
  otherRequiredUserAttributes="sn,givenname,cn"
  />
  <add name="ADRoles"
  type="Microsoft.Office.Server.Security.LdapRoleProvider, Microsoft.Office.Server, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"
  server="Company.com"
  port="389"
  useSSL="false"
  groupContainer="DC=Company,DC=com"
  groupNameAttribute="cn"
  groupNameAlternateSearchAttribute="samAccountName"
  groupMemberAttribute="member"
  userNameAttribute="sAMAccountName"
  dnAttribute="distinguishedName"
  groupFilter="(ObjectClass=group)"
  userFilter="(ObjectClass=person)"
  scope="Subtree" />

• An issue with authentication and authorization on ISE 1.2

  Hi, I'm new to ISE.
  I have an issue with authentication and authorization.
  I have ISE 1.2 plus patch 6 installed on VMware.
  I have built-in Windows XP supplicant and 2960 cisco switch with IOS c2960-lanbasek9-mz.150-2.SE5.bin
  On supplicant I use EAP(PEAP) with EAP-MSCHAP v2.
  I created  authentication and authorization rules with Active Directory  as External Identity Source. Also I applied  authorization profile with DACL.I login on Windows XP machine under different Active Directory accounts. Everything works fine (authentication, authorization ), but only for several hours. After several hours passed , authentication and authorization stop working . I can see that ISE trying authenticate and authorize users, but ISE always use only one account for  authentication and authorization . Even if I login under different accounts ISE continue to use only one last account.
  I traied to reboot switch and PC,but it didn’t help. Only rebooting of ISE helps. After ISE rebooting, authentication and authorization start to work properly for several hours.
  I don’t understand is it a glitch or I misconfigured ISE or switch, supplicant?
  What  should I do to resolve this issue?
  Switch configuration:
   testISE#sh runn
  Building configuration...
  Current configuration : 7103 bytes
  ! Last configuration change at 12:20:15Tue Apr 15 2014
  ! NVRAM config last updated at 10:35:02  Tue Apr 15 2014
  version 15.0
  no service pad
  service timestamps debug datetime msec
  service timestamps log datetime msec
  no service password-encryption
  hostname testISE
  boot-start-marker
  boot-end-marker
  no logging console
  logging monitor informational
  enable secret 5 ************
  enable password ********
  username radius-test password 0 ********
  username admin privilege 15 secret 5 ******************
  aaa new-model
  aaa authentication dot1x default group radius
  aaa authorization network default group radius
  aaa authorization auth-proxy default group radius
  aaa accounting update periodic 5
  aaa accounting dot1x default start-stop group radius
  aaa server radius dynamic-author
   client 172.16.0.90 server-key ********
  aaa session-id common
  clock timezone 4 0
  system mtu routing 1500
  authentication mac-move permit
  ip dhcp snooping vlan 1,22
  ip dhcp snooping
  ip domain-name elauloks
  ip device tracking probe use-svi
  ip device tracking
  epm logging
  crypto pki trustpoint TP-self-signed-1888913408
   enrollment selfsigned
   subject-name cn=IOS-Self-Signed-Certificate-1888913408
   revocation-check none
   rsakeypair TP-self-signed-1888913408
  crypto pki certificate chain TP-self-signed-1888913408
  dot1x system-auth-control
  spanning-tree mode pvst
  spanning-tree extend system-id
  vlan internal allocation policy ascending
  ip ssh version 2
  interface FastEthernet0/5
   switchport mode access
   ip access-group ACL-ALLOW in
   authentication event fail action next-method
   authentication event server dead action reinitialize vlan 1
   authentication event server alive action reinitialize
   authentication host-mode multi-auth
   authentication open
   authentication order dot1x mab
   authentication priority dot1x mab
   authentication port-control auto
   authentication periodic
   authentication timer reauthenticate server
   authentication violation restrict
   mab
   dot1x pae authenticator
   dot1x timeout tx-period 10
   spanning-tree portfast
  interface FastEthernet0/6
   switchport mode access
   ip access-group ACL-ALLOW in
   authentication event fail action next-method
   authentication event server dead action reinitialize vlan 1
   authentication event server alive action reinitialize
   authentication order dot1x mab
   authentication priority dot1x mab
   authentication port-control auto
   authentication periodic
   authentication timer reauthenticate server
   authentication violation restrict
   mab
   dot1x pae authenticator
   dot1x timeout tx-period 10
   spanning-tree portfast
  interface FastEthernet0/7
  interface Vlan1
   ip address 172.16.0.204 255.255.240.0
   no ip route-cache
  ip default-gateway 172.16.0.1
  ip http server
  ip http secure-server
  ip access-list extended ACL-ALLOW
   deny   icmp any host 172.16.0.1
   permit ip any any
  ip radius source-interface Vlan1
  logging origin-id ip
  logging source-interface Vlan1
  logging host 172.16.0.90 transport udp port 20514
  snmp-server community public RO
  snmp-server community ciscoro RO
  snmp-server trap-source Vlan1
  snmp-server source-interface informs Vlan1
  snmp-server enable traps snmp linkdown linkup
  snmp-server enable traps mac-notification change move
  snmp-server host 172.16.0.90 ciscoro
  radius-server attribute 6 on-for-login-auth
  radius-server attribute 6 support-multiple
  radius-server attribute 8 include-in-access-req
  radius-server attribute 25 access-request include
  radius-server dead-criteria time 5 tries 3
  radius-server vsa send accounting
  radius-server vsa send authentication
  radius server ISE-Alex
   address ipv4 172.16.0.90 auth-port 1812 acct-port 1813
   automate-tester username radius-test idle-time 15
   key ******
  ntp server 172.16.0.1
  ntp server 172.16.0.5
  end

  Yes. Tried that (several times) didn't work.  5 people in my office, all with vers. 6.0.1 couldn't access their gmail accounts.  Kept getting error message that username and password invalid.  Finally solved the issue by using Microsoft Exchange and "m.google.com" as server and domain and that the trick.  Think there is an issue with imap.gmail.com and IOS 6.0.1.  I'm sure the 5 of us suddently experiencing this issue aren't the only ones.  Apple will figure it out.  Thanks.