https://community.cisco.com/t5/network-access-control/windows-ldap-authen-on-acs-4-1/m-p/953896#M419419 <P>I have windows 2003 AD and trying to setup ACS authentication with Generic Ldap.</P><P>I fill these fields in ACS 4.1 as below</P><P></P><P>User directory subtree cn=users,dc=mydomain,dc=local </P><P>Group directory subtree cn=users,dc=mydomain,dc=local </P><P>Userobjecttype uid </P><P>Userobjectclass Person</P><P>Groupobjecttype cn</P><P>Groupobjectclass GoupOfUniqueNames </P><P>Group attribute name UniqueMember </P><P>Admin dn cn=myname,cn=users,dc=mydomain,dc=local</P><P></P><P>A authentication failure show up with â&#128;&#156;external user not foundâ&#128;&#157; when I try to log on to a device.Please help to fill with the exact syntax for the above fields. All examples on the web are base on Novell LDAP</P><P></P><P>Thanks in advance</P><P></P><P>Vincent</P><P></P> Sun, 10 Mar 2019 22:56:23 GMT bankcommsysadmin 2019-03-10T22:56:23Z https://community.cisco.com/t5/network-access-control/windows-ldap-authen-on-acs-4-1/m-p/953896#M419419 <P>I have windows 2003 AD and trying to setup ACS authentication with Generic Ldap.</P><P>I fill these fields in ACS 4.1 as below</P><P></P><P>User directory subtree cn=users,dc=mydomain,dc=local </P><P>Group directory subtree cn=users,dc=mydomain,dc=local </P><P>Userobjecttype uid </P><P>Userobjectclass Person</P><P>Groupobjecttype cn</P><P>Groupobjectclass GoupOfUniqueNames </P><P>Group attribute name UniqueMember </P><P>Admin dn cn=myname,cn=users,dc=mydomain,dc=local</P><P></P><P>A authentication failure show up with â&#128;&#156;external user not foundâ&#128;&#157; when I try to log on to a device.Please help to fill with the exact syntax for the above fields. All examples on the web are base on Novell LDAP</P><P></P><P>Thanks in advance</P><P></P><P>Vincent</P><P></P> Sun, 10 Mar 2019 22:56:23 GMT https://community.cisco.com/t5/network-access-control/windows-ldap-authen-on-acs-4-1/m-p/953896#M419419 bankcommsysadmin 2019-03-10T22:56:23Z https://community.cisco.com/t5/network-access-control/windows-ldap-authen-on-acs-4-1/m-p/953897#M419420 <HTML><HEAD></HEAD><BODY><P>ACS forwards the username and password to an LDAP database by using a Transmission Control Protocol (TCP) connection on a port that you specify. The LDAP database passes or fails the authentication request from ACS. When receiving the response from the LDAP database, ACS instructs the requesting AAA client to grant or deny the user access, depending on the response from the LDAP server. </P><P></P><P>Refer the following url for more information on Generic LDAP AUthentiication on ACS 4.1:</P><P><A class="jive-link-custom" href="http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.1/user/UsrDb.html#wp491718" target="_blank">http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.1/user/UsrDb.html#wp491718</A></P></BODY></HTML> Thu, 03 Jul 2008 12:32:16 GMT https://community.cisco.com/t5/network-access-control/windows-ldap-authen-on-acs-4-1/m-p/953897#M419420 smahbub 2008-07-03T12:32:16Z https://community.cisco.com/t5/network-access-control/windows-ldap-authen-on-acs-4-1/m-p/953898#M419421 <HTML><HEAD></HEAD><BODY><P>My question is what is the default attribute name from windows directory server for UserObjectType and UserObjectClass</P><P></P><P>Thks</P></BODY></HTML> Thu, 03 Jul 2008 13:07:12 GMT https://community.cisco.com/t5/network-access-control/windows-ldap-authen-on-acs-4-1/m-p/953898#M419421 bankcommsysadmin 2008-07-03T13:07:12Z https://community.cisco.com/t5/network-access-control/windows-ldap-authen-on-acs-4-1/m-p/953899#M419422 <HTML><HEAD></HEAD><BODY><P>Userobjecttype: cn</P><P>Userobjectclass: user </P><P></P><P>Regards</P><P>Andy</P></BODY></HTML> Wed, 09 Jul 2008 14:54:27 GMT https://community.cisco.com/t5/network-access-control/windows-ldap-authen-on-acs-4-1/m-p/953899#M419422 andypalfrey 2008-07-09T14:54:27Z