Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3402
Views
0
Helpful
4
Replies

Cisco ASA 8.3 ldap AAA server setup Microsoft active directory fails

Go to solution
orsonjoon
Level 1
Level 1

‎02-09-2011 06:01 AM - edited ‎03-10-2019 05:48 PM

Hello,

I'm trying to set up ldap authentication for remote ssl vpn users like the picture below:

untitled.bmp

When I try the test button, and enter any username and password I get the message "Authentication Rejected: User was not found"

Why??? Please help, I'm running out of options here... Many many thanks in advance.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jatin Katyal
Cisco Employee
Cisco Employee
In response to orsonjoon

‎02-09-2011 09:39 AM

Use the login DN in the following format.


admin-user-name@domain_name and let me know how it goes.


If the above suggestion doesn't work then please run the debug ldap 255 and paste the output here.



Rgds,  Jatin



Do rate helpful posts-

~Jatin

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Jatin Katyal
Cisco Employee
Cisco Employee

‎02-09-2011 07:22 AM

In the scope section use All level beneath the base DN

Like the below listed doc
http://www.cisco.com/en/US/docs/security/asa/asa71/asdm51/selected_procedures/asdmldap.html#wp1033083



Rgds, Jatin



Do rate helpful posts~

~Jatin
0 Helpful

Go to solution
orsonjoon
Level 1
Level 1
In response to Jatin Katyal

‎02-09-2011 09:29 AM

Thanks for the reply.

The "All levels beneath the base DN" option was actually the first thing I ttied to get this to work, but with little effect.

Still got the same message: user was not found.

What'am I doing wrong here? PLease help.....

0 Helpful

Go to solution
Jatin Katyal
Cisco Employee
Cisco Employee
In response to orsonjoon

‎02-09-2011 09:39 AM

Use the login DN in the following format.


admin-user-name@domain_name and let me know how it goes.


If the above suggestion doesn't work then please run the debug ldap 255 and paste the output here.



Rgds,  Jatin



Do rate helpful posts-

~Jatin
0 Helpful

Go to solution
orsonjoon
Level 1
Level 1
In response to orsonjoon

‎02-09-2011 09:40 AM

AH GOT IT!

The Naming Attribute shouldn't be "sAMAcountName", but sAMAccountName, just a typo after all

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents