I'm trying to set up my ASA so our SSL VPN users can authenticate against a microsoft AD server. From what I've read I need to map the AD attribute 'msNPAllowDialin' to the Cisco Attribute 'CVPN3000−Radius−IETF−Class', but my ASA doesn't seem to have that. Is there something I'm suppose to do first for this to show up? Here's what is available:
ASA(config-ldap-attribute-map)# map-name msNPAllowDialin ?
ldap mode commands/options:
cisco-attribute-names:
Access-Hours
Allow-Network-Extension-Mode
Auth-Service-Type
Authenticated-User-Idle-Timeout
Authorization-Required
Authorization-Type
Banner1
Banner2
Cisco-AV-Pair
Cisco-IP-Phone-Bypass
Cisco-LEAP-Bypass
Client-Intercept-DHCP-Configure-Msg
Client-Type-Version-Limiting
Confidence-Interval
DHCP-Network-Scope
DN-Field
Firewall-ACL-In
Firewall-ACL-Out
Group-Policy
IE-Proxy-Bypass-Local
IE-Proxy-Exception-List
IE-Proxy-Method
IE-Proxy-Server
IETF-Radius-Class
IETF-Radius-Filter-Id
IETF-Radius-Framed-IP-Address
IETF-Radius-Framed-IP-Netmask
IETF-Radius-Idle-Timeout
IETF-Radius-Service-Type
IETF-Radius-Session-Timeout
IKE-DPD-Retry-Interval
IKE-Keep-Alives
IPSec-Allow-Passwd-Store
IPSec-Auth-On-Rekey
IPSec-Authentication
IPSec-Backup-Server-List
IPSec-Backup-Servers
IPSec-Client-Firewall-Filter-Name
IPSec-Client-Firewall-Filter-Optional
IPSec-Default-Domain
IPSec-Extended-Auth-On-Rekey
IPSec-IKE-Peer-ID-Check
IPSec-IP-Compression
IPSec-Mode-Config
IPSec-Over-UDP
IPSec-Over-UDP-Port
IPSec-Required-Client-Firewall-Capability
IPSec-Split-DNS-Names
IPSec-Split-Tunnel-List
IPSec-Split-Tunneling-Policy
IPSec-Tunnel-Type
IPSec-User-Group-Lock
L2TP-Encryption
L2TP-MPPC-Compression
MS-Client-Subnet-Mask
PFS-Required
PPTP-Encryption
PPTP-MPPC-Compression
Primary-DNS
Primary-WINS
Privilege-Level
Require-HW-Client-Auth
Require-Individual-User-Auth
Required-Client-Firewall-Description
Required-Client-Firewall-Product-Code
Required-Client-Firewall-Vendor-Code
Secondary-DNS
Secondary-WINS
Simultaneous-Logins
Strip-Realm
TACACS-Authtype
TACACS-Privilege-Level
Tunnel-Group-Lock
Tunneling-Protocols
Use-Client-Address
User-Auth-Server-Name
User-Auth-Server-Port
User-Auth-Server-Secret
VPN-Smartcard-Removal-Disconnect
WebVPN-ACL-Filters
WebVPN-Apply-ACL-Enable
WebVPN-Citrix-Support-Enable
WebVPN-Content-Filter-Parameters
WebVPN-Enable-Functions
WebVPN-Exchange-NETBIOS-Name
WebVPN-Exchange-Server-Address
WebVPN-File-Access-Enable
WebVPN-File-Server-Browsing-Enable
WebVPN-File-Server-Entry-Enable
WebVPN-Forwarded-Ports
WebVPN-Homepage
WebVPN-Macro-Substitution-Value1
WebVPN-Macro-Substitution-Value2
WebVPN-Port-Forwarding-Enable
WebVPN-Port-Forwarding-Exchange-Proxy-Enable
WebVPN-Port-Forwarding-HTTP-Proxy-Enable
WebVPN-Port-Forwarding-Name
WebVPN-SVC-Client-DPD
WebVPN-SVC-Compression
WebVPN-SVC-Enable
WebVPN-SVC-Gateway-DPD
WebVPN-SVC-Keep-Enable
WebVPN-SVC-Keepalive
WebVPN-SVC-Rekey-Method
WebVPN-SVC-Rekey-Period
WebVPN-SVC-Required-Enable
WebVPN-Single-Sign-On-Server-Name
WebVPN-URL-Entry-Enable
