Cisco ACS 5.2 authentication against multiple LDAP servers

darragh long
Level 1

Hi Folks,

I have a wireless network that uses ACS 5.2 to handle authentication. The ACS is integrated with an Active Directory LDAP server (my_ldap) and is working correctly at the moment. The authentication flow looks like this:

 - User tries to associate to WLAN
 - Authentication request is sent to ACS
 - Service selection rule chooses an access-policy (wireless_access_policy)
 - wireless_access_policy is configured to use my_ldap as identity source.

A sister company is about to move into our offices, and will need access to the same WLAN. Users in the sister company are members of a separate AD domain (sister_company_ldap). I would like to modify the wireless_access_policy so that when it receives an authentication request it will query both my_ldap and sister_company_ldap, and return a passed authentication if either attempt is successful. Is this possible?

1 Reply

nigel doe
Level 1

Assuming you're already authenticating using your AD binding and AD1 as your identity source, you can add a further LDAP server as another identity source and add this to your identity store sequence in your access policy to authenticate against both.

You can also add multiple LDAP servers and add them both to the identity store sequence (if you're not using AD1).
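Added example, not from this thread or from Cisco: a small Python model of how an identity store sequence walks the two stores named in the question. It assumes the usual ACS 5.x sequence semantics (a store that does not know the user returns not-found and the sequence moves on; the first store that knows the user gives the final verdict, so a bad password there is a reject rather than a fallthrough to the next store); the in-memory directories and the `make_store` helper are constructed stand-ins for real LDAP binds.

```python
from dataclasses import dataclass
from enum import Enum
from typing import Callable, Dict, List, Tuple


class Result(Enum):
    PASSED = "passed"
    FAILED = "failed"        # user known to the store, credentials rejected
    NOT_FOUND = "not_found"  # user unknown to the store, try the next one


@dataclass
class IdentityStore:
    name: str
    # bind(user, password) -> Result; a real deployment would do an LDAP/AD bind here
    bind: Callable[[str, str], Result]


def make_store(name: str, directory: Dict[str, str]) -> IdentityStore:
    """Constructed stand-in for an LDAP/AD store (assumption: not a real bind)."""
    def bind(user: str, password: str) -> Result:
        if user not in directory:
            return Result.NOT_FOUND
        return Result.PASSED if directory[user] == password else Result.FAILED
    return IdentityStore(name, bind)


def authenticate(sequence: List[IdentityStore], user: str, password: str) -> Tuple[Result, str]:
    """Walk the sequence in order; return (verdict, name of the store that decided).

    Order matters: if the same username exists in both domains, the first store
    in the sequence answers and the second is never consulted.
    """
    for store in sequence:
        verdict = store.bind(user, password)
        if verdict is not Result.NOT_FOUND:
            return verdict, store.name
    return Result.NOT_FOUND, ""


# Constructed sample data: one user in each company's directory.
MY_LDAP = make_store("my_ldap", {"alice": "s3cret"})
SISTER_LDAP = make_store("sister_company_ldap", {"bob": "hunter2"})
SEQUENCE = [MY_LDAP, SISTER_LDAP]

if __name__ == "__main__":
    for u, p in [("alice", "s3cret"), ("bob", "hunter2"), ("bob", "wrong"), ("carol", "x")]:
        print(u, authenticate(SEQUENCE, u, p))
```

The "bob"/"wrong" case is the one to check when testing a real sequence: a rejected password in the store that knows the user should end the sequence, not be retried against the other domain.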