Re: LDAP config page: Example values for ADS?

heinz.rietmann · ‎12-01-2014

Can anyone please give me a hint which values I have to enter in the LDAP config page to access a LDAP service on a Active Directory Server?

Cheers,

Heinz

bklauser · ‎12-04-2014

Heinz,

... thanks for posting - have you had a chance to look at pages 36/37 of the draft deployment guide? Could you refine which parameters are unclear and what LDAP server you're integrating with?

fyi: quoting from the guide

Step 1 In the Home window, click the Settings button at the top right corner of the screen. The Settings window then appears.

Step 2 Click LDAP Credentials in the Settings navigation pane to view the LDAP Credentials window.

Step 3 In the LDAP Credentials window, enter your LDAP username.

Step 4 Enter your LDAP password.

Step 5 Enter the LDAP server URL address. For example, enter a URL address such as ldap://ldap.cisco.com:389.

Step 6 Enter the security principal. The security principal is the name of the user or program performing authentication. For

example, enter a value such as OU=active, OU=employees, OU=people, O=cisco.com.

Step 7 Enter the security authentication. The security authentication is the mechanism to use. For example, enter a value such

as simple or SASL.

Step 8 Enter the Group Attribute. For example, enter a value such as group membership.

Step 9 Click the Add button to save your LDAP configuration to the Cisco APIC-EM database.

hth,

Bruno

heinz.rietmann · ‎12-08-2014

Hi Bruno

Looks easy, thanks for the hint!

I found a additional note in the deployment guide:

With this Cisco APIC-EM release, the controller does not access any user identity information from Active

Directory.

Therefore I will just omit it for the moment.

Thanks anyway!
Heinz

aradford · ‎01-09-2015

The LDAP setttings are for group information. Identity information is obtained through PxGrid (Cisco Identity Services Manager) or radius proxy.

Adam