Hi all,
we have two identity stores - RSA SecureID and AD. Only a couple of users are configured in our RSA server. I configured a Radius service with authentication RSA as first in the list and AD as second. Problem is that CPPM never asks the AD. It simply rejects the user by the RSA server.
->Example RSA user exists -> Accept send back the CPPM -> OK
->Example RSA user does not exists -> Reject send back to CPPM -> no ok
So basically as soon as a reject is send from the RSA the next identity in the sequence should be requested. Is there a way to do it? In Cisco ACS environments i am able to set how a reject is threat - as user not found or as a real reject. Can i do the same with CPPM?