pam_radius and Cisco ACS

Tom tjonesjr at
Thu Feb 16 01:56:29 CET 2006

No, the shared secret is correct, otherwise the ACS would show that as
being the error and wouldn't be trying to authenticate the user
against the windows AD.  I thought this might have been the issue
until I purposely used the wrong secret and there were different

On 2/15/06, Alan DeKok <aland at> wrote:
> Tom <tjonesjr at> wrote:
> > I have compiled pam_radius and it appears to be working as intended,
> > however Cisco ACS reports "External DB User Invalid or bad password"
> > anytime I try to use the same credentials that properly authenticate
> > with ACS's tacacs on a linux or freebsd server.  The username shows up
> > properly on the ACS server, so I am assuming that the NAS is sending
> > the proper username, but it appears that the password is not being
> > sent correctly.  I know the ACS server is trying to authenticate
> > against AD because after so many tries the account get's locked out.
>   Is it a shared secret problem?
>   Alan DeKok.
> -
> List info/subscribe/unsubscribe? See

Thomas Jones Jr.

More information about the Freeradius-Users mailing list