https://community.cisco.com/t5/network-access-control/aaa-ldap-active-directory/m-p/2095253#M146422 <HTML><HEAD></HEAD><BODY><P>I already found solution with help of cisco support. I mean cisco ios 15.3, 1921 router. All magic begins with this ldap server config:</P><P></P><P>ldap attribute-map admap</P><P> map type sAMAccountName username</P><P>!</P><P>ldap server dc01</P><P> ipv4 10.0.0.1</P><P> attribute map admap</P><P> bind authenticate root-dn adminlogin password adminpassword</P><P> base-dn dc=mydomain,dc=local </P><P></P><P>Now a problem is to understand, how to use groups, my current config gives MemberOf ldap to supplicant-group </P><P>conformity.</P></BODY></HTML> Wed, 26 Dec 2012 11:05:43 GMT pavel.sazonov 2012-12-26T11:05:43Z https://community.cisco.com/t5/network-access-control/aaa-ldap-active-directory/m-p/2095251#M146418 <P>I'm searching for any good example or mb article, how to use microsoft active directory servers as aaa ldap server, becouse as I understood it's seems possible, without any radius server from now. If anyone can help me, mb someone done this and have config? I will be grateful for any help.</P> Mon, 11 Mar 2019 02:54:51 GMT https://community.cisco.com/t5/network-access-control/aaa-ldap-active-directory/m-p/2095251#M146418 pavel.sazonov 2019-03-11T02:54:51Z https://community.cisco.com/t5/network-access-control/aaa-ldap-active-directory/m-p/2095252#M146420 <HTML><HEAD></HEAD><BODY><P>Hello Pavel,</P><P></P><P>By default, you can use a microsoft AD via LDAP. For example, I use softerra's LDAP Browser which is a free tool, and I can browse my AD Servers with the following connection strings (assuming my domain is wlaaan2003.com):</P><P>Base DN: DC=wlaaan2003,DC=com</P><P>Authentication user principle name: cn=administrator,CN=Users,DC=wlaaan2003,dc=com</P><P>Password: Active directory password for my administrator account.</P><P></P><P>Make sure you have port TCP 389 opened.</P><P></P><P>I hope this helps.</P></BODY></HTML> Wed, 26 Dec 2012 10:57:02 GMT https://community.cisco.com/t5/network-access-control/aaa-ldap-active-directory/m-p/2095252#M146420 Bastien Migette 2012-12-26T10:57:02Z https://community.cisco.com/t5/network-access-control/aaa-ldap-active-directory/m-p/2095253#M146422 <HTML><HEAD></HEAD><BODY><P>I already found solution with help of cisco support. I mean cisco ios 15.3, 1921 router. All magic begins with this ldap server config:</P><P></P><P>ldap attribute-map admap</P><P> map type sAMAccountName username</P><P>!</P><P>ldap server dc01</P><P> ipv4 10.0.0.1</P><P> attribute map admap</P><P> bind authenticate root-dn adminlogin password adminpassword</P><P> base-dn dc=mydomain,dc=local </P><P></P><P>Now a problem is to understand, how to use groups, my current config gives MemberOf ldap to supplicant-group </P><P>conformity.</P></BODY></HTML> Wed, 26 Dec 2012 11:05:43 GMT https://community.cisco.com/t5/network-access-control/aaa-ldap-active-directory/m-p/2095253#M146422 pavel.sazonov 2012-12-26T11:05:43Z