ACS with AD-with authentication of twins

Hi gurus

I want to integrate my ACS 5.1 with AD. My request is to check first for machine authentication. If machine authentication passes, the customer's username/password must be validated and the customer should be in VLAN X. If the computer authentication fails, the customer's username/password must be validated. If authentication is successful, the customer should be put into VLAN Y.

Let me know if this is possible

Thank you

NikhiL

Nikhil,

You can set a condition in your authorization policy to check whether machine authentication has been performed, and base your result on this requirement.

Here's a guide that corresponds to your questions:

http://www.Cisco.com/en/us/docs/net_mgmt/cisco_secure_access_control_system/5.1/user/guide/users_id_stores.html#wp1235978

Thank you

Tarik Admani


Similar Questions

  • Proxy with authentication Client-side

    Hello

    How does the vWorkspace connector installation work when a client-side proxy with authentication is enabled?

    My problem is that the AppPortal cannot load the XML files with the following error:

    "xml document must have a top level element."

    When I download the XML file to the local disk I can import the XML file, but the application cannot be started, with the following error:

    "These data are incorrect."

    Need help.

    Thank you

    Jeje

    I discovered that the cause is a web content filter (DansGuardian) behind the proxy.

    When we bypass it, the connection works.

    Does anyone know anything about this?

  • Integration of ACS with AD

    Hello support,

    I downloaded an ISO image of the ACS and test it on my vmware. I tried to integrate my acs with my active directory which is also inside my vmware.

    I configured NTP on the ACS, pointing to my AD server. But the connection failed when I checked the connection between the ACS and my AD server.

    What could be the problem on my installation?

    Kind regards

    mbox23ron

    If your time is synchronized, then the second typical reason for the AD integration not working is a misconfigured DNS.

    The ACS must use the AD DNS, and forward and reverse lookups should both work.

    Sent by Cisco Support technique iPad App

  • Help with the SMTP class function with authentication

    My server no longer supports the PHP mail() function. I need to use the SMTP class with the authentication function in my PHP code, and they suggested this to replace it: http://www.yrhostsupport.com/index.php?/Knowledgebase/Article/View/101/2/smtp-class-function-with-authentication-in-php-code

    So, I tried, but cannot make it work. This is my test form:

    <form method="post" action="forms/sendmail-test2.php" onsubmit="return checkEmail(this);">
    <script type="text/javascript" language="JavaScript">
    </script>
    <fieldset><legend>news</legend>
    <label>name</label>
    <input type="text" name="name" size="30" maxlength="40" /><br />
    <label><span class='redText'>*</span> Email</label>
    <input name="email" type="text" size="30" maxlength="40" />
    <br />
    <label><span class='redText'>*</span> Message</label>
    <textarea cols="40" rows="5" name="message" type="text" /></textarea><br />
    </fieldset>
    <input type="reset" value="Reset" />
    <input type="submit" value="submit" />
    </fieldset>
    </form>

    sendmail-test2.php is where the form goes. It will not send unless I comment out the first 10 lines.

    <?php
    include('Mail.php');
    //$to = " [email protected] ";
    $name = $_REQUEST['name'];
    $email = $_REQUEST['email'];
    $message = $_REQUEST['name'];
    $headers = "from: $email";
    $subject = "price quote";
    $fields = array();
    $fields{'name'} = 'Name';
    $fields{'email'} = 'Email';
    $fields{'message'} = 'Message';
    $recipients = ' [email protected] '; //CHANGE
    $headers['from'] = ' [email protected] '; //CHANGE
    $headers['to'] = ' [email protected] '; //CHANGE
    $headers['subject'] = 'Test Message';
    $body = "test message";
    /* Set the SMTP settings */
    $params['host'] = "levy.dnsbox25.com";
    $params['port'] = '25';
    $params["auth"] = "PLAIN";
    $params["username"] = ' [email protected] '; //CHANGE
    $params["password"] = "xxxxxx"; //CHANGE
    /* Next option allows the SMTP debug and will print the SMTP Protocol
    conversation on the page, it will help only with authentication problems. */
    $params['debug'] = 'true';
    /* Create the mail object using the Mail::factory method */
    $mail_object =& Mail::factory('smtp', $params);
    /* Print the parameters you use for the page */
    foreach ($params as $p) {
        echo "$p<br />";
    }
    /* Send the message */
    $mail_object->send($recipients, $headers, $body);
    ?>

    It used to work well when I used

    $send = mail($to, $subject, $body, $headers);
    $send2 = mail($from, $subject2, $autoreply, $headers2);

    But they said I can't use it anymore. I'm good with HTML and CSS, but I don't know much about php. Thanks for any help integrating one of in this new code!

    It is to be expected. When you assign a value to a variable that was already assigned, you replace the previous value. You must add. Try this

    $body = "name: " . $name . "\r\n" . "e-mail: " . $email . "\r\n" . $message;

  • Production server has encountered a problem with authentication

    I am creating my first app using DPS App Builder. Each step has been done correctly; however, creating the application gives the following error:

    "The production server has encountered a problem with authentication."

    Has anyone faced this before? How do I solve this problem? I can't find anything in the documentation.

    Sign in to the DPS dashboard, agree to the terms and conditions and verify your email ID. This should solve the problem.

  • SSL with authentication

    I would like the SSL/HTTPS configuration with one of my applications. I use the EPG and APEX 4.0.1.

    I selected "SSL with authentication" on the authentication scheme -> change. However, it seems not to have changed anything. All pages are still HTTP.

    Is there something else that needs to be done?

    Thank you very much
    Reid

    Reid:

    This authentication scheme option refers to how LDAP calls are made; it doesn't have any effect on the protocol used by the HTTP server (XDB HTTP Server in your case). To have the XDB HTTP server use the https protocol, see the following documentation:

    http://download.Oracle.com/docs/CD/E11882_01/AppDev.112/e16659/xdb22pro.htm#i1026724

    Kind regards

    Jason

  • the ACS 5.1 stopped authentication logs after restart!

    Hi all

    I saved the running configuration to the startup configuration and restarted the ACS 5.1. Since then it has stopped logging authentications. I can connect to network devices using TACACS+ login, but I get no TACACS+ authentication logs. Your prompt response will be appreciated

    Rgds

    HK

    Hello

    Can you please access the ACS CLI through SSH or console and run "show application status acs"? Are all ACS services running, or do some hang in the state "Initializing" or "not tested"?

    If so, you might want to try a restart of the ACS services with 'stop acs', then 'start acs'.

    If the reports are not displayed under Monitoring and Reports, it is generally a problem with the ACS View services.

    I hope this helps.

    Kind regards.

  • ACS authentication with PEAP / MSCHAPv2 - client rejecting server

    Hello

    I have a wireless network set up with Cisco 1131AG towers; the c6500 WISN module test (4404-WLC) is authenticating with a Cisco ACS appliance (1113) using PEAP and MSCHAPv2 authentication.

    The laptops have the Cisco SSC client (in collaboration with the SSC Mgmt utility).

    A self-signed certificate was created on the ACS, and the root was exported and installed on the laptop computer of TCL.

    If the CSSC 'Validate server' box is not selected, the authentication process works and I am able to connect to the network.

    If the CSSC 'Validate server' box is checked, the authentication will fail.

    The problem appears to be that the client refuses the server certificate:

    "Server certificate chain is not valid."

    In the ACS 'failed' authentication logs, the following message is stated:

    "Authentication failed during SSL negotiation" (which obviously refers to the chain not being valid)

    Any ideas?

    When you create a self-signed certificate, is there a specific directory where the server certificate must be located, such as c:\cert\certificate.cer?

    Also, must the certificate name match the host name of the ACS?

    i.e. "CN="

    Any advice or pointers would be appreciated.

    Thank you

    The thing is that when you check the server validation box, you must make sure you have the certification authority in the Trusted Root Certification Authorities. For example, in Windows, there is a list of CA servers where you check the server certificate validation, and the root certification authority must also be on the list. If the root CA is not listed, then you must add it to the list and check it.

    You are right about the client rejecting the server cert... Authentication failed during SSL negotiation

    This doc will give you an overview:

    http://www.Cisco.com/en/us/products/sw/secursw/ps2086/products_configuration_example09186a0080545a29.shtml

  • With Cisco Secure ACS for Windows TACACS+, authentication fails with AD

    I'll put up a Cisco Secure ACS 4.2 server to act as a RADIUS server for switches and routers I use Windows 2003 server for the candidate countries.
    and an Active Directory of Windows 2003 server.  The ad server is very good, it is used for many other things.

    I've implemented ACS as defined in the installation guide, including all the steps in the "Member Server" section of the installation guide
    When you use AD as an external database (e.g. setting up services to run with a domain administrator account, set up a machine called "CISCO"
    on the field, etc.).

    I've set the unknown user policy to use the database of Windows, if the internal database does not contain the details of the user.

    If I add a user to the internal database, authentication goes through fine, with an entry in the "Passed Authentications" log.

    02-24-2010, 05:07:03, authentic failed, eXXXX, Network Administrators (NDG), X.X.X.X, (default), internal error, (get the internal error error message)

    I scoured google etc and just cannot come up with any reason why this should be the case.
    I followed all of the installation to the letter guides.  I need to get this up and running as soon as possible,
    so am eager to know if someone can help me with this one!

    Thanks and greetings

    Sharan

    George,

    Internal error is fairly generic, but a common situation where we see this error is when ACS is installed on a 64-bit computer. ACS would not work with Active Directory when installed on 64-bit machines before ACS 4.2.1.

    -Jesse

  • [ACS 5.4] PEAPv1 authentication with MAC filtering

    Hello

    Our WiFi uses PEAPv1 authentication.

    It works very well with different devices (computer, tablets, smartphones).

    Now, I want to filter the devices of the company. We have all the MAC addresses of these devices.

    Is it possible to activate PEAPv1 authentication combined with MAC filtering in Cisco ACS?

    I don't want to filter MAC addresses on the WLC...

    Thank you

    Patrick

    Hi Patrick,

    See if this helps:

    http://www.Cisco.com/en/us/Tech/tk722/tk809/technologies_configuration_example09186a008084f13b.shtml

    https://supportforums.Cisco.com/thread/2163123

    Agentless network access:

    http://www.Cisco.com/en/us/docs/net_mgmt/cisco_secure_access_control_system/5.3/user/guide/common_scenarios.html#wp1053005

    Ed

  • RADIUS authentication failure: ACS 5.5 with WLC 5508 and AD 2012

    Hello

    I need help on these errors.

    Here is my configuration: WLC 5508 7.6.130.0-> ACS 5.5.0.46-> AD 2012

    I have (2) errors in ACS 5.5

    12514 EAP-TLS failed SSL/TLS handshake because of an unknown CA in the client certificates chain

    22044 Identity policy result is configured for certificate based authentication methods but received password based

    I have already installed the CA cert and local cert in ACS as well as on the client PC.

    Please see screenshots

    OK, in this case:

    1. You will need to properly configure the Windows supplicant before this can work. You need to set the type of authentication and the trusted certification authority. If the certification authority is not available in the list of certificates, you need to import it.

    2. If you do PEAP then your identity store should be Active Directory and not a certificate authentication profile. The certificate authentication profile is used for certificate-based (EAP-TLS) authentication.

    Thank you for evaluating useful messages!

  • 5.2 ACS with different RADIUS authentication servers

    Hello

    I want to migrate from ACS 4.1 to ACS 5.2. I have already configured TACACS+ authentication, but now I'm stuck on the RADIUS authentication for the remote access WebVPN configuration. Please see the following diagram:

    I want to configure ACS to use Server Token WBS first. If authentication fails or the user is not found, ACS must use IAS on Windows Server. If this server also fails, ACS must use the internal DB. Additional attributes such as group membership or downloadable ACLs should be taken from the internal ACS DB.

    Is it possible to configure ACS like that? In ACS 4.1 it is very easy to configure by selecting the per-user authentication method.

    Thanks for your help!

    There is an option in the Advanced tab of the 'RADIUS Identity Server' definition:

    This identity store differentiates between 'authentication failed' and 'user not found' when an authentication attempt is rejected. From the options below, select how an authentication reject from the identity store must be interpreted by ACS for identity policy processing and reporting.
    Treat rejects as 'authentication failed'; treat rejects as 'user not found'.

    In order to continue in the sequence, I think you have to select the option "user not found".

  • Cisco ACS TACACS+ problem with authentication

    I'm having a problem authenticating to a switch using TACACS+ with my ACS 5.2 server. I can actually do a 'test aaa group tacacs+ username password legacy' and it returns a successful user authentication. When I try to use this same account to authenticate to the switch, it is unsuccessful, and I don't even see the attempt hit the ACS.

    Most likely, it is a misconfiguration of the AAA commands on the switch.

    Sent by Cisco Support technique iPad App

  • ACS 5.0 with authentication VPN

    Hello

    I would be grateful if someone could guide me on how to configure ACS 5.0 RADIUS for authentication of remote access VPN.

    And how could I implement IP pools for VPN users?

    Best regards

    Lunedor

    Hello

    IP address assignment is not possible on the ACS. However, you can configure simple VPN authentication.

    ACS:

    access policies> default network address> identity(select internal users or if its AD then select AD) > authorization > click on customize > move the desired condition>
    for example> device ip address> put in the ip address of ASA(vpn device)> authorization profile> permit access.

    so it will be>

    access policy> default network access> identity(internal users or AD)> authorization > create rule> device ip=1.1.1.1 > authorization profile=permit access

    You can follow the link for common scenarios below:

    http://www.Cisco.com/en/us/docs/net_mgmt/cisco_secure_access_control_system/5.1/user/guide/common_scenarios.html#wp1152364

    Regards

    Bellefroid

    Note the useful messages

  • ACS 5.2 with TACACS+ cannot support Alcatel switch.

    I have a few Alcatel switches and I want to use TACACS+ on ACS 5.2 for Alcatel switch admin authentication.

    The failure reason: 13011 Invalid TACACS+ request packet - possibly mismatched Shared Secrets

    But I have checked that the secret is correct.

    Previously I tried with ACS version 4.2 and it works.

    Please review the attachment for the ACS report.

    Thanks for any suggestions.

    Hello

    I can't give you an answer, but which Alcatel model/version do you run?

    I have the same problem with OS6250 (6.6.1.636.R01) and unpatched ACS 5.2. I'm looking through the Alcatel or ACS bug tracker.

    Have you looked at PR 144246 in:

    http://www.alcadisipsolutions.nl/files/Support_files/Alcatel-Lucent/OmniSwitch/OS6250/Firmware/OS6250%20AOS%206.6.1%20-%206250%20+%206250M%20models/OS6250%20AOS%206.6.1.739%20R01/OS6250%20AOS%206.6.1.739%20R01%20Release%20Notes.pdf

    David
