ACS and Active Directory

Hello everybody out there using Cisco devices

I have a problem with an ACS Server Version 4.0 and a Windows Active Directory 2003. The architecture that I'm using is:

a) User (supplicant) presents credentials to an IOS switch via IEEE 802.1X
b) The switch (client) forwards credentials to the RADIUS server (ACS 4.0 / Windows)
c) The RADIUS server (ACS 4.0 / Windows) forwards credentials to W2003 Active Directory
d) The user is denied or granted access to the network depending on the case

I can authenticate users perfectly if they are configured with protocol PEAP on their IEEE 802.1X network interface options, and Active Directory authenticates users with its database.

I can authenticate users that are configured on the local ACS database

But when I configure MD5 Challenge on the supplicants (Windows XP) they cannot get access to the network, and in the ACS log files I can read an "Auth type not supported by External Database" message.

I tried enabling reversibly encrypted passwords in the domain but that does not work, and I can't authenticate users with MD5 on Active Directory.

Can anybody please help me? This is an issue that I've been working on for 1 week and I cannot solve it.

regards Lalo


As far as I know this cannot be done because Active Directory does not do MD5 passwords (only MS-CHAP). This is why you are getting the "Auth type not supported" error message.


thrill5
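
The exchange discussed in this thread, as an added example that is not from either poster or from Cisco: EAP-MD5 (RFC 3748 type 4, the CHAP construction of RFC 1994) hashes the password itself with the challenge, so a verifier that can only reach a one-way hash such as the NT hash cannot check the response. The `Account` class, function names, sample password and challenge are constructed for illustration, and the `"unsupported"` result is a stand-in for the backend refusing the method.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import Optional


@dataclass
class Account:
    """What a credential backend can hand the RADIUS server (constructed sample)."""
    nt_hash: bytes                     # MD4(UTF-16LE(password)): one-way, used by MS-CHAP
    cleartext: Optional[bytes] = None  # only set if the backend exposes the password


def eap_md5_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """RFC 1994 / RFC 3748 type 4: MD5(Identifier || secret || Challenge)."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


def verify_eap_md5(acct: Account, identifier: int, challenge: bytes,
                   response: bytes) -> str:
    """Server side: recomputing the digest requires the password itself."""
    if acct.cleartext is None:
        return "unsupported"           # nothing usable to recompute the digest with
    expected = eap_md5_response(identifier, acct.cleartext, challenge)
    return "accept" if hmac.compare_digest(expected, response) else "reject"


def demo() -> dict:
    # Constructed values; a real authenticator sends a random challenge.
    identifier, challenge = 7, bytes(range(16))
    sent = eap_md5_response(identifier, b"password", challenge)   # supplicant side
    nt = bytes.fromhex("8846f7eaee8fb117ad06bdd830b7586c")        # NT hash of "password"
    with_password = Account(nt_hash=nt, cleartext=b"password")
    hash_only = Account(nt_hash=nt)
    bad = eap_md5_response(identifier, b"Password", challenge)    # wrong password
    return {
        "with_password": verify_eap_md5(with_password, identifier, challenge, sent),
        "hash_only": verify_eap_md5(hash_only, identifier, challenge, sent),
        # Feeding the stored hash in as if it were the password does not help:
        "hash_as_secret_matches": hmac.compare_digest(
            eap_md5_response(identifier, nt, challenge), sent),
        "wrong_password": verify_eap_md5(with_password, identifier, challenge, bad),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

PEAP with MS-CHAPv2 as the inner method avoids this because both sides derive the response from the NT hash rather than from the password.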