https://community.cisco.com/t5/network-security/fmc-external-authentication-ldap-issues/m-p/4438046#M1082453 <P>what kind of right the user has when you adding FMC to LDAP&nbsp;</P> <P>&nbsp;</P> <P>follow and verify the steps :</P> <P>&nbsp;</P> <P><A href="https://www.petenetlive.com/KB/Article/0001102" target="_blank">https://www.petenetlive.com/KB/Article/0001102</A></P> <P>&nbsp;</P> Fri, 23 Jul 2021 23:29:24 GMT balaji.bandi 2021-07-23T23:29:24Z https://community.cisco.com/t5/network-security/fmc-external-authentication-ldap-issues/m-p/4438033#M1082452 <P>Hello everyone.</P><P>I'm currently setting up a FMC and while attempting to use external authentication via LDAP, for some reason the FMC is not querying properly.</P><P>Basically whenever I attempt the test the query, it only finds user machines and groups CNs , not the actual users.</P><P>As a result, it always fails to authenticate. If I place the group name instead of the user without a password it actually "succeeds" into the login test resquest.</P><P>&nbsp;</P><P>Any thoughts on why its querying for groups and machines CNs instead of users?</P><P>&nbsp;</P><P>Evidences attached.</P> Fri, 23 Jul 2021 22:11:48 GMT https://community.cisco.com/t5/network-security/fmc-external-authentication-ldap-issues/m-p/4438033#M1082452 caiobomani 2021-07-23T22:11:48Z https://community.cisco.com/t5/network-security/fmc-external-authentication-ldap-issues/m-p/4438046#M1082453 <P>what kind of right the user has when you adding FMC to LDAP&nbsp;</P> <P>&nbsp;</P> <P>follow and verify the steps :</P> <P>&nbsp;</P> <P><A href="https://www.petenetlive.com/KB/Article/0001102" target="_blank">https://www.petenetlive.com/KB/Article/0001102</A></P> <P>&nbsp;</P> Fri, 23 Jul 2021 23:29:24 GMT https://community.cisco.com/t5/network-security/fmc-external-authentication-ldap-issues/m-p/4438046#M1082453 balaji.bandi 2021-07-23T23:29:24Z https://community.cisco.com/t5/network-security/fmc-external-authentication-ldap-issues/m-p/4450143#M1082914 <P>The user is just a member of domain users.<BR />The problem is that whenever the FMC queries the Active Directory Tree, its looking for groups instead of users.<BR /><BR />Does anyone has experiencing this issue before?</P> Mon, 16 Aug 2021 20:51:46 GMT https://community.cisco.com/t5/network-security/fmc-external-authentication-ldap-issues/m-p/4450143#M1082914 caiobomani 2021-08-16T20:51:46Z https://community.cisco.com/t5/network-security/fmc-external-authentication-ldap-issues/m-p/5344097#M1123362 <P>I have exactly same issue.<BR />without test, FMC says - OK-<BR />fmc/ftdv version&nbsp;<SPAN>7.6.2.1 (build 3)</SPAN></P><P><EM>Test Complete: You may enter a test user name to further verify your Base Filter parameter.<BR /></EM><BR />then, adding user that is in the group....failed. <EM>netadmin</EM> is in <EM>ise_admins</EM> group.<BR /><BR /><EM>binding</EM><BR /><EM>bind success</EM><BR /><EM>starting search...</EM><BR /><EM>base :OU=Security Groups,DC=main,DC=company,DC=com</EM><BR /><EM>filter :(CN=ISE_Admins)</EM><BR /><EM>user :netadmin</EM><BR /><EM>attrib :sAMAccountName</EM><BR /><EM>ldap_result: 0 -Success</EM><BR /><EM>found 1 entries...</EM><BR /><EM>-------------</EM><BR /><EM>CN=ISE_Admins,OU=ISE,OU=Security Groups,DC=main,DC=company,DC=com</EM><BR /><EM>sAMAccountName: ISE_Admins</EM><BR /><EM>-------------</EM><BR /><EM>search failed</EM><BR /><EM>Admin Users The following administrator shell access users (1) were found with this filter:</EM><BR /><EM>---------------</EM><BR /><EM>ise_admins</EM><BR /><EM>Users The following users (1) were found with this filter:</EM><BR /><EM>---------------</EM><BR /><EM>ise_admins</EM><BR />so it is looking for group...not user</P> Mon, 03 Nov 2025 14:24:27 GMT https://community.cisco.com/t5/network-security/fmc-external-authentication-ldap-issues/m-p/5344097#M1123362 s_SiD_s 2025-11-03T14:24:27Z