LDAP/AD configuration in APIC 6.0

conf-t · ‎02-15-2024

Hi,

I'm trying to configure the LDAP PROVIDER in APIC 6.0 but I didn't find "Bind DN" where I can put the username like in APIC version 5.2.

I put it in the Base DN but I don't know if it's the right format.

Someone can give an example format of the Base DN please?

And how can I troubleshoot the integration between AD and APIC? (Ping is working).

Robert Burns · ‎02-16-2024

Should look like this:

Root DN (This is the bind account):
CN=ldap_bind,CN=Users,DC=torlab,DC=cisco,DC=com

LDAP Base DN (Where to start searching for the User in the LDAP Tree):
CN=Users,DC=torlab,DC=cisco,DC=com

LDAP Attribute:
memberOf

Filter Type:
MS Active Directory

Cheers,

Robert

conf-t · ‎02-17-2024

"CN=ldap_bind" is the account username which can read from the AD? the password that I have to put, is it for the username "ldap_bind"?

conf-t · ‎02-19-2024

thank you for your response,

It's coming along a bit. When I test the login and password, no error appears. What could be the issue?

Robert Burns · ‎02-19-2024

Check the LDAP Server Logs, see if the request is making it to it.
Have you tested the Bind Username & Password using an LDAP Browser against the LDAP server?

Robert

conf-t · ‎02-19-2024

Hi Robert,

On the LDAP server, I can see that the Bind Username is already connected with the APIC IP.. I don't know if there is an issue with the Group DN? I don't know now whatn I have to check..

Robert Burns · ‎02-17-2024

Correct