000035312 - Unexpected LDAP authentication failure event monitor message while attempting RSA SecurID Access RADIUS authentication

Document created by RSA Customer Support Employee on Jul 26, 2017Last modified by RSA Customer Support on May 13, 2019
Version 3Show Document
  • View in full screen mode

Article Content

Article Number000035312
Applies ToRSA Product Set: SecurID Access
RSA Product/Service:  Identity Router
IssueThe Administration Console's user event monitor shows a successful LDAP password authentication followed by an unexpected error message during a RADIUS authentication sequence.
LDAP password authentication failed - Logon failure: unknown username or invalid password

User-added image
CauseThe RADIUS client has been configured for authentication and for authorization, which causes a second unexpected authentication attempt.
ResolutionEnsure that the RADIUS client is configured not to send authorization requests.
When configuring a Cisco RADIUS client, make sure that the Authorization Server Group is set to None, as shown:

User-added image