We have setup a Cisco Identity Services Engine to manage WLAN access for our users.
Access should be granted to users from a specific Windows Active Directory group.
This works fine for users having a username consisting only of ASCII letters. However, user names having e.g. an umlaut fail. The live authentication log shows an error "22056 Subject not found in the applicable identity store(s)".
Any idea what could be wrong? (And, no, renaming all non-ASCII users is not an option)
Best Answer
The solution is surprisingly simple: Users with Umlauts in ther name automatically can login with their usual login name with umlauts replaced (e.g. "Müller" becomes "Muller"). So renaming users in AD is not necessary, they just have to be informed to type the modified username in the WLAN login. (They could also do the same in any normal windows login, which may come in handy when they need to do a remote login from abroad where they don't have umlauts available on the keyboard).