Sep 6 15:38:34 EUDC1F002 login(pam_unix): could not identify user (from getpwnam(testuser))
Sep 6 15:38:34 EUDC1F002 login: User not known to the underlying authentication module
The Cisco ACS is reporting sucessful authentication
The username must be defined on the Crossbeam platform itself. If "testuser" is not fully defined and qualified on the Crossbeam (account, permissions, uid, etc.) then it cannot authenticate correctly with radius.
A local user must be configured, because different user levels with different permissions can be configured on Crossbeam. The user access permissions not only specify whether objects can be modified or not, but it also has impact on things like unix level file permissions and audit logging.
Some network devices allow Radius authenticated users without a local account configured, but these are often devices which have a simple set of access permisions and are not based on an operating system like XOS (Linux).
Imported Document ID: 000020191
Subscribing will provide email updates when this Article is updated. Login is required.