Main Nav

Today, after several days of no-problem ramping up to full strength on our large WLAN 7.4.110 environment, we had two fleeting spates of disruption in the authentication of clients against AD. Each episode lasted a few minutes, and resulted in our Cisco ACS 5.4s showing large volumes of these failure reasons:
11051 RADIUS packet contains invalid state attribute
24463 Internal error in the ACS Active directory
We have a TAC case open, and am waiting to hear back from our AD admin on whether there are any logs showing trouble between the accounts we use on the ACS boxes and the Domain Controllers.
Has anyone seen similar that can comment or theorize?
Lee Badman
********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at


HI Lee,


A few years back I used ACS -> AD account for Ciscoworks LMS.  Ciscoworks does multi-threaded tasks under the hood.  This resulted in multiple/fast auths using the AD account.  The AD controller(s) saw this as an attack and thus caused the AD account to  be momentarily locked out.  After a few minutes, AD would allow the account to be used again.  I moved away from AD integration for this reason in this case. Once I moved to local CW account, AD was out of the mix and Ciscoworks performed normal.





Thanks, Chad- we have no choice but to use the ACS->AD account as the hook to verify user accounts. No sign of account lockout, but we’re still diggingJ




If you pre pay for M$ technical services, get your MS-TAM engineer involved too/start MS TAC case.  AD logs are hard to read, don’t tell you much and most AD admins never want to help out in this area I find.






Hi Chad-


Thankfully, we have about as good of a working relationship with our AD folks as you could ever hope for (which makes us fortunate, indeed). These gents are sharp, and we all can share/accuse/assist mutually as needed J




Message from

Did you ever get a resolution to this?


Message from

Did you ever get a resolution to this?



View dates and locations

Events for all Levels and Interests

Whether you're looking for a conference to attend face-to-face to connect with peers, or for an online event for team professional development, see what's upcoming.


EDUCAUSE Institute
Leadership/Management Programs
Explore More

Career Center

Leadership and Management Programs

EDUCAUSE Institute
Project Management



Jump Start Your Career Growth

Explore EDUCAUSE professional development opportunities that match your career aspirations and desired level of time investment through our interactive online guide.


EDUCAUSE organizes its efforts around three IT Focus Areas



Join These Programs If Your Focus Is


Get on the Higher Ed IT Map

Employees of EDUCAUSE member institutions and organizations are invited to create individual profiles.



2014 Strategic Priorities

  • Building the Profession
  • IT as a Game Changer
  • Foundations

Learn More >

Uncommon Thinking for the Common Good™

EDUCAUSE is the foremost community of higher education IT leaders and professionals.