User Can't Login Into Domain With Right Credentials In Active Directory
Feb 19, 2013user can't login into domain with right credentials in active directory
View 6 Replies
ADVERTISEMENT
Active Directory In One Domain Across Time Zones
Feb 1, 2013I am adding a site in another time zone but keeping the same active directory and domain. the time zone issue if there are no servers in the other time zone?
View 1 Replies View RelatedHow To Login Offsite With Active Directory
Dec 12, 2011I've got this problem with our Operations Manager's laptop not letting him log in once he is offsite(at home). We use an Active Directory server here for all out workstations to log on to the domain but once he is offsite he cannot log in because the laptop obviously cannot find the sever to authorize the user. For now I just have him logging in locally to his laptop and not to the domain when he is offsite but this creates a problem; it makes two users/desktops for him, one user.domain and user.local. Is there a way to tell the machine locally that his username is authorized to let him log onto the domain account though it cannot connect to the domain server?
View 3 Replies View RelatedActive Directory - Domain Controllers Take Over Master Browser Role?
Sep 24, 2012I know that in small networks, one of the computers is elected the Master Browser role, and elections are held every now and then. In domain networks that implement Active Directory, is there still a Master Browser role, or do the domain controllers take over this role?
View 1 Replies View RelatedCisco :: Using Active Directory To Login To Extension Mobility?
Jun 30, 2011I have been rolling out new IP Phones that use extension mobility and the biggest issue Im finding is the need to log-in every day, People t like change and they hate the fact that they have to login every day.I have been to the people at the top and gave them the options of remembering the last user logged so users just need to enter their pin or have EM not log users out at all… both got rejected.
View 2 Replies View RelatedCisco VPN :: ASA 5520 - Login DN Account Locked Out In Active Directory
Mar 6, 2011We are using ASA5520 as our VPN concentrator and has configured IPSec authentication using digital certificates with Microsoft CA for the remote access VPN. The AAA server used for remote user authentication is Windows Active Directory. Screenshot of the AAA configuration is attached. The problem we face is that the "Login DN" account (marked in red box in the screenshot) is frequently getting locked out in the active directory. I have confirmed that the password is the same on both ends and the account is not used any where else.
The NTP server configured for the VPN concentrator is the Active Directory itself but no accounts are configured (not required) for updating the time service in the concentrator.
Sharing :: How To Grant Permissions For Domain User To Directory
Jun 29, 2012I started getting into IT (as a job) a little less than a year ago, though I've been working with computers for close to 20. So networking was never something I was into while working on computers at home. I've been handed a significant position at work and I am learning a lot as I go. I want to know how to grant permissions for a domain user to a directory without adding the user to all of the sub-directories and directories. The only way I've figure thus far is to grant permissions to said folder, then inside remove the "inherit permissions..." but then I have to manually remove the permissions to every other sub-folder.I want to add a single path to a folder by adding single permissions to each folder until the directory in question is reached.
View 2 Replies View RelatedCisco VPN :: ASA5510 / AnyConnect Active Directory User Password Expiration?
May 20, 2012I have a Cisco ASA5510 firewall that has SSL Web VPN functionality and is utilizing AD Server as Authentication server for users.However, we have a policy to change password at certain point of time. Users in the office have no problem. They just login their PC and change password. Users outside of office is a pain when their password is expired. Is it posible for them to change their AD password thru VPN using Cisco Anyconnect?
View 2 Replies View RelatedCisco :: ASA5510 - AnyConnect VPN Active Directory User Password Expiration
May 19, 2012I have a Cisco ASA5510 firewall that has SSL Web VPN functionality and is utilizing AD Server as Authentication server for users. However, we have a policy to change password at certain point of time. Users in the office have no problem. They just login their PC and change password. Users outside of office is a pain when their password is expired. Is it posible for them to change their AD password thru VPN using Cisco Anyconnect? If yes, can you show me how?
View 1 Replies View RelatedLinksys Wireless Router :: WRT120N - Can't Accept Login Credentials When Login From IE10 Browser
May 9, 2013We have a Linksys WRT120N wireless router set up at one of our small offices. I noticed recently when trying to log in to the router to make some admin configurations that it will not accept the login credentials when trying to log in from IE10 browser. Works fine from Chrome, IE9, ect. logging in to a linksys router with IE10?
View 3 Replies View RelatedCisco :: Upgrade From LMS 3.0.1 To 3.1 Or 3.2 - INVREP0102 / User Credentials Are Invalid
Feb 20, 2012How to upgrade from LMS 3.0 December 2007 update to LMS 3.1 or LMS 3.2. The problem is the large number of C2960S-24TS-L switches that my organization has and cannot managed them.. I tried to upgrade devices through Software Center but always Ciscoworks informs me with the following message."Error while downloading package information from [URL] for the selected products. See the log file for details". Also i can not run EOL/EOS inventory report. The message is " INVREP0102: Cisco.com user credentials are invalid. Enter correct credentials." I check my credentials and is right. The server has access to www through proxy without any restrictions. In the past I've already updated devices through the software center. Also in the past i ve run EOS/EOL inventory reports.The LMS 3.0 December 2007 has the following products LMS3.0.116 May 2008
CiscoWorks Common Services3.1.102 Jul 2009, 07:44:58 EEST2.Campus Manager5.0.511 Oct 2009, 07:36:10 EEST3.CiscoView6.1.702 Jul 2009, 07:45:05 EEST4.CiscoWorks Assistant1.0.102 Jul 2009, 07:45:05 EEST5.Device Fault Manager3.0.512 Jun 2010, 07:31:48 EEST6.Internetwork Performance Monitor4.0.102 Jul 2009, 07:45:11 EEST7.Integration Utility1.7.102 Jul 2009, 07:45:14 EEST8.LMS Portal1.0.102 Jul 2009, 07:45:16 EEST9.Resource Manager Essentials4.1.102 Jul 2009, 07:45:17 EEST
Cisco Wireless :: Does WLC 5508 Has Capability To Create Login Credentials With Specific Time Of Validity
Jul 18, 2011Does WLC 5508 has capability to create login credentials with specific time of validity? Could it be used in hotel set-up to provide prepaid access account to guest?
View 2 Replies View RelatedCisco AAA/Identity/Nac :: Wp1430161 Downloadable ACL Dependent On User Credentials?
May 7, 2012I have been reading article url....wp1430161 and I am trying to get my head around the type of port authentication Methods & Modes I am going to require for a Proof of Concept using a Cisco ISE as the Authentication Server.
The switchport will have a single IP Phone in a Voice VLAN and then a Single host in a Data VLAN. Reading this article, I think I should be configuring "802.1x" authentication method using "Single Host" Mode.
However will that support a Downloadable ACL dependent on the user credentials? And will it allow a restricted ACL to be downloaded if authentication of the Machine or the User fails.? I dont really want to create & manage Guest & Remediation VLANs with thier respective ACLs on every switch in my enterprise, including our remote branch offices.
Cisco AAA/Identity/Nac :: ACS5 / One User / Two Credentials (external Token Versus Cert)
Nov 30, 2011I have ACS4 and i am planning to upgrade to ACS5.I would like to have such a rules:I have user1, one ASA device which is VPN concentrator for remote users.ASA have two different tunnel-groups: one which allow for logging via certificate (with mandatory pki authorization thru ACS) with disabled Xauth,and second tunnel-group with allow login thru typical Xauth with authorization thru ACS which users external database (RSA Tokens).So i have one user1 which can login thru VPN using RSA tokencode or certificate.For example: on phone user1 uses certificate, and on PC station the same user1 uses token password.For tunnel-group with pki authorization ASA checks username in ACS and in typical scenario login="CN from certificate" and password="CN from certificate". So we would need "two credentials" for the user - one for pki authorization, and second one external database (RSA token).Is such scenatio possible under ACS 5 ? where one user uses different credentials based on tunnel-group usage ?
View 2 Replies View RelatedAAA/Identity/Nac :: ACS 5.2 With Active Directory
Mar 7, 2011I have installed ACS 5.2 and configured it to join the Company's Domain as an External database with Active directory 2008. I'm facing a problem that the user once authenticated using it's active directory account it's cached in the ACS and take a while for the ACS to clear this username. For example, if user TEST authenticates and then we removed this user from the AD and then tried again; it authenticates although this users is removed from the AD !!! same thing happens when we change the user group on the AD, it takes a while for the ACS to clear the old user attributes and get the new ones from the AD.
it there an aging time for this caching mechanism, or can i clear the dynamic users manually just like in ACS 4.X ?
Servers :: Set Up Active Directory Without DHCP
Mar 23, 2011I am trying to set up a small domain for my business. I just purchased a Windows 2008 server and would like to use it as my domain controller.Also, I just had a new ATT DSL line put in. It came with a 2Wire modem/4-port router/wireless router device, therefore the modem can handle DHCP. The line has a static IP address as well so that I can eventually use my own exchange server and web server.I have tried 2 different configurations and couldn't get either to work) I tried to put the router into Bridged Mode and use DHCP server on my server using a PPPoe connection to connect to the Internet. I was confused as to what my static IP address and default gateway of my server should be.2) Then I tried to turn DHCP server off on the server and routing back on the modem/router. This didn't work either.What method would you recommend and why? Also I have some additional questions on each method.
Method 1)
* What is the static IP address of the server. Is it in the 192.168.1.x address or the static IP assigned to my account?
* Do I need a second Nic Card And Router to connect to the rest of my network or can I use the router provide
* What would the Static IP addresses of the additional PC be. Do I need more than 1 static IP from AT&T Method 2)
* Will this allow me to use all internal IP addresses on my machines and use port forwarding if I want a specific box to be a web server or exchange server.
Adding Computers To Active Directory?
Aug 27, 2012I know that when you create a user account in active directory, the user's computer is also added to active directory. However, in what circumstance would you add a computer to active directory in which there are no user accounts created, or used ?For instance, my Linksys wrt54g router, on the main configuration tab has a space to name the router, which is appropriate called, "Linksys", and it has space to enter it's domain name, which if I named it, I guess it would be. LinksysRouter.**.local.Why add a router to an active directory domain ?Why add any other computer to an active directory domain with no users associated with it ?
View 11 Replies View RelatedHow To Implement Isa Server And Active Directory
Nov 29, 2012I have 1 server where i enabled dhcp server and active directory on it . I still have to install something like ISA server on it as isa doesnt support 2008 r2. point me out on the networking , like how should i connect the clients to the server. And how the wireless router and switch should be connected to the server?
View 1 Replies View RelatedAdding MS Office To Active Directory
Jan 26, 2011I've got a fully working active directory with mandatory profiles. I'm looking into adding MS Office 2007. I have the disk and everything, but I'm wondering how to go about installing it. Must I go around each workstation installing it?
View 1 Replies View RelatedCisco VPN :: SSL VPN With Active Directory On SR520
Apr 7, 2011Having problems configuring an SR520 to support SSL VPN with Active Directory authentication. I set up the domain and a user in the SR520. and get the login prompt remotely but when attempting to login using the active directory account i get a login error. I can login fine using local authentication.
View 5 Replies View RelatedCisco :: Active Directory Authentication Failing?
Feb 16, 2012I am not sure why but when I try to connect with my IPSEC VPN client, authentications are failing. The ldap test passes on the ASA but when I try to login, the VPN client gives me authentication failure even though debugs show authentication was successful.User 'test1' should be able to authenticate based on group membership.User 'test2' shouldn't be able to.I already removed the attribute-map to see if that was the problem but I am still failing authentication.
View 9 Replies View RelatedActive Directory - Required Bandwidth Usage?
Feb 18, 2012Currently We have several Active Directory Domain at several Technical High Schools. These are used by us as a it educational unit(s). The Tech School System's IT Department has a fiber wan between the schools that allows communication between these units. We wanted to interconnect the unit's Active Directory's with Trusts or by combining them into one forest. However I am wondering How much bandwidth that alone would require? There make be some file access between units but not on a daily basis since the units are separate from one another. How much bandwidth do you think this would require?
View 5 Replies View RelatedCisco AAA/Identity/Nac :: Active Directory And ACS 5.3 Failure?
May 21, 2012I am receiving a RADIUS authentication failure stating user must change password; however, password has been changed in AD and is not requiring change password any longer on the AD side.
Is there a cache on the ACS that needs to be cleared? AD connection from ACS to domain is fine. All other accounts authenticate.
It appears that if a user lets their account expire is when this happens. Account has been reenabled in AD and password has been changed. Still will not authenticate via ACS.
Cisco AAA/Identity/Nac :: Active Directory Integration Acs 5.1?
Aug 24, 2011I'm attempting to integrate an acs 5v into the domain through the gui. The connection will establish, and the status will read 'connected', just as it lists the domain I've submitted. However, I can't seem to find anything listed under the directory groups, and when I run a connection test, I simply get 'Global Catalogue port status error.' Eventually, I'd like to configure this as a radius server.
View 1 Replies View RelatedCisco AAA/Identity/Nac :: 802.1x / ACS In The Active Directory Environment?
Nov 9, 2011question 1. in the typical active directory environment and doing wireless/wired 802.1x authentication on endpoints, should ACS join as a domain computer?
question 2. for the endpoint (domain computer) join the domain, in this case is the endpoint will trust the ACS ( also domain computer) ?
question 3. what if there's a GPO policy to install the rootCA certificate toward the endpoints. In this case, ACS should issue the CSR and let the domain CA to signed as the identity certificate? Am i correct?
Cisco AAA/Identity/Nac :: ACS 5.2 Does Not Check Active Directory Changes
Oct 13, 2010I am working with ACS 5.2 and using Radius authentication for vpn client.
The authentication method used is Active Directory in an Windows enviroment with multiple domains in the same forest.
My problem occurs when i change a user from one group to another in Active Directory. After that i receive the following message when try to connect:
15039 Selected Authorization Profile is DenyAccess
The message is because match the default policy. Another user in the same AD group works fine. All domain in the forest have trust relation each other. I am using universal groups to include users from all domain belongs this forest.
Cisco :: WLC 2500 Active Directory Integration?
Apr 10, 2012I recently bought a Cisco WLC 2500. I want to configure a WLAN with Active directory authentication.How I can do this?
View 4 Replies View RelatedCisco :: LMS 3.2 Integration With Microsoft Active Directory
Jun 14, 2012i need a documentation or a procedure to how make integration LMS 3.2 with microsoft active directory to make usernames of devices appear in end hosts reports.
View 2 Replies View RelatedCisco AAA/Identity/Nac :: ACS 5.2 Active Directory Integration
Apr 24, 2012A customer uses Active Directory where some group names contain special characters (ç ~ '^). The Cisco ACS 5.2 is presenting the warnings: "Not all Active Directory user groups are retrieved successfully. One or more of thegroup's canonical name was not retrieved "(Category CSC Oacs_ Identity_ Stores_Diagnostics; code 24457).
What are the results of these warnings to the customer's network? Slow? Loss of access?
Cisco AAA/Identity/Nac :: Integration Of ACS 4.2 And MS Active Directory
Oct 21, 2010configure the Cisco ACS to authenticate the users from MS Active Directory. Cisco Acs = 4.2.1(15)Currently, i have multiple users configured as local databse. but now i want to authenticate with the domain users.
View 11 Replies View RelatedCisco :: Integrate 1250 To Active Directory
Jan 5, 2011I have installed 4 unit Cisco Aironet 1250 acting as Autonomous AP each. I want to integrate these AP to Windows Active Directory for authentication level.
When I read configuration guide on Cisco Aironet, they must be authenticated via RADIUS server.
Is it possible that these AP directly authenticated to Active Directory via LDAP protocol?
Connect A Client Computer To An Active Directory Via The Internet?
Dec 20, 2011Is it at all possible to connect a client computer to an Active Directory via the Internet?
If so, would you change the client's DNS server to the remote IP, and then connect?
Cisco Firewall :: 5515 Web VPN Using Active Directory To Authenticate
Apr 15, 2013I have a 5515 ASA that has the webVPN configured on it and it is using active directory to authenticate. The client would like to set up groups in active directory and restrict access to those groups when they are connected to the webVPN. For example, they have a group in active directory that they only want to access their "web" interface. What is the best way to configure this on the asa?
View 2 Replies View Related