ACS 4.2 Ldap connection string problems

Adam Watts — Mon, 11 Mar 2019 04:12:52 GMT

Hi all,

I am having an interesting problem trying to get my acs server talking to our microsft AD Ldap structure. The way our admin has setup the structure is sketched out below. The IT Department has it's on branch under which are the IT users and the IT security Groups but the comapny users and groups are on the same level as the IT Dept branch.

dc=uk

| dc=co

| | dc=company

| | | ou=it dept

| | | | ou=it users

| | | | ou=it groups

| | | ou=company users

| | | ou=company groups

the problem i have is that when i setup a generic LDAP server on the ACS i can get it working for users of the IT Dept, but i can't get it working for the company users. It looks like the ACS is expecting to see at least 2 OU entries.

ou=it users,ou=it dept,dc=company,dc=co,dc=uk Works

ou=company users,dc=company,dc=co,dc=uk Fails

I am currently using an ACS 4.2 server build 124 running on a windows server

Any ideas would be appreciated as ldap and AD is not an area i know much about.

Adam

Re: ACS 4.2 Ldap connection string problems

Amjad Abdullah — Tue, 24 Dec 2013 13:14:03 GMT

Hi,

What did you configure for "User directory subtree" and "Gropu directory subtree" in the Common LDAP configuration?

You want both the company users and IT users to authenticate at the same time?

If you want both IT users and company users to work, you need to put a higher level OU that contains both of them.

dc=company,dc=co,dc=uk

HTH

Amjad

Rating useful replies is more useful than saying "Thank you"

topic Re: ACS 4.2 Ldap connection string problems in Network Access Control

ACS 4.2 Ldap connection string problems

Re: ACS 4.2 Ldap connection string problems