Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1109
Views
5
Helpful
1
Replies

Cisco ISE 2.1 Patch 5 - did any one come across ISE PSN nodes are sending FQDN requests for authentication?

Go to solution
Pradeep S.R.
Level 5
Level 5

‎11-15-2018 07:55 AM - edited ‎11-15-2018 10:30 AM

Hi I am dealing with one strange issue anyone come across this ?

 

In ISE Radius logs user are getting authenticated with user name like abcd but AD server receiving request as abcd@xyz.com ! but no issues for user AAA function. But AD audit logs reporting as bad username request as it is receiving request as abcd@xyz,com(FQDN) instead of abcd

 

#CiscoISE #ISEExternalIdentity.

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
hslai
Cisco Employee
Cisco Employee

‎12-15-2018 09:03 PM

abcd@xyz.com is a userPrincipalName (UPN) but not FQDN. The latter is for DNS.

I believe you might be hitting this known issue -- CSCvf45991 -- as UPN should have worked.

View solution in original post

1 Reply 1

Go to solution
hslai
Cisco Employee
Cisco Employee

‎12-15-2018 09:03 PM

abcd@xyz.com is a userPrincipalName (UPN) but not FQDN. The latter is for DNS.

I believe you might be hitting this known issue -- CSCvf45991 -- as UPN should have worked.

Customers Also Viewed These Support Documents