cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
 
ISE 2.3 Patch 7 has been posted. This will be the last patch for the ISE 2.3 release!
Choose one of the topics below to view our ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

147
Views
1
Helpful
4
Replies
Cisco Employee

LDAP Messages sent from ISE to LDAP/AD

Hi All,

Would anyone be able to comment in understanding which of these below LDAP messages would be possibly sent from ISE to LDAP/AD? This would be an information which one of my customers is looking out for, and currently we don't have any document which points me to the right direction.

Table 3. Summary Table of LDAP Messages between Consumer and Supplier

The table below lists the common LDAP messages and for each there will be a corresponding detailed Data layout in the following section .

Message #

Message Name

Source/Via/Destination eg. Consumer/Middleware/Supplier

Table Reference

NonUserAuthN

Consumer > Supplier

Table 4

PrimaryUserAuthN

Consumer > Supplier

Table 5

SecondaryUserAuthN

Consumer > Supplier

Table 6

AuthN Response

Supplier > Consumer

Table 7

SearchForUserDN

Consumer > Supplier

Table 8

SearchForUserData

Consumer > Supplier

Table 9

SearchForUserInGroup

Consumer > Supplier

Table 10

SearchForGroupData

Consumer > Supplier

Table 11

SearchResultsEntry & Response

Supplier > Consumer

Table 12

Retrieve User Organisational Information.

Supplier > Consumer

Table 13

CompareUserInGroup

Consumer > Supplier

Table 14

CompareUserInGroupResponse

Supplier > Consumer

Table 15

ModifyRequest

Consumer > Supplier

Table 16

ModifyResponse

Supplier > Consumer

Table 17

AddRequest

Consumer > Supplier

Table 18

AddResponse

Supplier > Consumer

Table 19

DelRequest

Consumer > Supplier

Table 20

DelResponse

Supplier > Consumer

Table 21

SearchForOrganisationalGroupData

Supplier > Consumer

Table 22

Any help or advise on this would be highly appreciated.

Thanks!

4 REPLIES 4
Cisco Employee

Re: LDAP Messages sent from ISE to LDAP/AD

These do not appear in any of LDAP or Microsoft AD documents I can find on the net so they must be some proprietary messaging used by the customer's application infrastructure and I do not think ISE supporting them at all.

Cisco Employee

Re: LDAP Messages sent from ISE to LDAP/AD

hslai Thank you for the response.

Would you also be able to point me in the direction in understanding the LDAP messages sent from ISE to LDAP/AD? It would also be helpful if a document containing the same could be provided.

Cisco Employee

Re: LDAP Messages sent from ISE to LDAP/AD

ISE is compliant with LDAPv3 ( RFC 451). ISE uses both AD and LDAP for authentications and attribute lookups. If you has partner permissions on the communities, you may check out [ISE Lab Guide] ISE Active Directory Integration.

Highlighted
Cisco Employee

Re: LDAP Messages sent from ISE to LDAP/AD

Thank you very much.

I'll have a look at the ISE LAB Guide.