12-24-2012 04:55 AM - edited 03-10-2019 07:54 PM
I'm searching for any good example, or maybe an article, on how to use Microsoft Active Directory servers as an AAA LDAP server, because as I understood it seems possible now without any RADIUS server. If anyone can help me, maybe someone has done this and has a config? I will be grateful for any help.
12-26-2012 02:57 AM
Hello Pavel,
By default, you can use a Microsoft AD via LDAP. For example, I use Softerra's LDAP Browser, which is a free tool, and I can browse my AD servers with the following connection strings (assuming my domain is wlaaan2003.com):
Base DN: DC=wlaaan2003,DC=com
Authentication user principal name: cn=administrator,CN=Users,DC=wlaaan2003,dc=com
Password: Active directory password for my administrator account.
Make sure you have port TCP 389 opened.
I hope this helps.
12-26-2012 03:05 AM
I already found a solution with the help of Cisco support. I mean Cisco IOS 15.3, 1921 router. All the magic begins with this LDAP server config:
ldap attribute-map admap
 map type sAMAccountName username
!
ldap server dc01
 ipv4 10.0.0.1
 attribute map admap
 bind authenticate root-dn adminlogin password adminpassword
 base-dn dc=mydomain,dc=local
Now the problem is to understand how to use groups; my current config gives MemberOf LDAP to supplicant-group conformity.
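An added example, not from the thread or from Cisco: the LDAP server block from the post above wired into AAA login with a local fallback, with TLS to the domain controller and a dedicated low-privilege bind account in place of an administrator account. The group name AD-LDAP, the svc-ldap-bind account and its DN, the localadmin user and the password placeholders are assumptions; the memberOf map is the mapping the post mentions.

```cisco
! Added example. Names, DNs and passwords are placeholders (assumptions).
!
! Keep a local account so the router stays reachable if the DC is down.
username localadmin privilege 15 secret <local-secret>
!
aaa new-model
!
ldap attribute-map admap
 ! AD logon name is matched against the username typed at the prompt
 map type sAMAccountName username
 ! AD group membership exposed to AAA as supplicant-group
 map type memberOf supplicant-group
!
ldap server dc01
 ipv4 10.0.0.1
 attribute map admap
 ! Full DN of a dedicated, read-only bind account (hypothetical name),
 ! not the domain administrator: this password is stored in the config.
 bind authenticate root-dn cn=svc-ldap-bind,cn=Users,dc=mydomain,dc=local password <bind-password>
 base-dn dc=mydomain,dc=local
 ! Use TLS so bind and user passwords do not cross the network in
 ! cleartext, as they do with a simple bind on plain TCP 389.
 mode secure
!
! Server group referenced by the method lists below (hypothetical name)
aaa group server ldap AD-LDAP
 server dc01
!
! Try AD first, fall back to the local user database
aaa authentication login default group AD-LDAP local
aaa authorization exec default group AD-LDAP local
```

Test the method lists from a second session before closing the one used to apply them, so a failed bind does not lock out management access.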