We have a similar setup (Cisco LWAPP environment, controllers logging to IAS) and have seen the same issue. If you find anything useful, I would be interested.
________________________________ Walt Howd Network Systems Admin Information Technology Services Truman State University SunGard Higher Education Managed Services 100 East Normal Street Kirksville, MO 63501 [EMAIL PROTECTED] -----Original Message----- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:[EMAIL PROTECTED] On Behalf Of Craig Pluchinsky Sent: Thursday, March 06, 2008 3:12 PM To: [email protected] Subject: [WIRELESS-LAN] IAS Logging Currently we have an 802.1x wireless network setup with Cisco APs, Cisco Wireless Lan Controllers and Microsoft IAS as our RADIUS server. We are seeing issues where a users active directory account is being locked out because of too many incorrect password attempts. This is being logged in the security event log on the server but not in the IAS logs. The security event log does not show a mac address or machine name. IAS should be logging a Reason-Code 36 IAS_ACCOUNT_LOCKED_OUT in the IAS log. The problem is the client looks like it is incorrectly configured so it keeps trying to authenticate every few seconds keeping the users active directory account locked out. We then have to track down the mac address either with a packet sniffer or find it in WCS and add it to the disabled clients list on the controllers to keep it from repeatedly trying to connect and locking the active directory account out. Any ideas as to why IAS is not logging this error? If it logged in the IAS logs we could then get the mac address from the Calling-Station-ID. ------------------------------- Craig Pluchinsky IT Services Indiana University of Pennsylvania ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
