cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

732
Views
20
Helpful
3
Replies
luis.poveda93
Beginner

LDAP authentication on router ssh login

Hello,

I´m trying to configure ldap authentication for a switch Cisco Catalyst but I got LDAP: LDAP doesn't support interactive login although the local test using test aaa authentication group has been successful.

 

Have any of you been capable of configuring ldap authentication towards an MS Active Directory server?

 

ios: Cisco IOS XE Software, Version 17.03.04

 

Thanks in advance.

Luis

3 REPLIES 3
balaji.bandi
VIP Guru

Not that i am aware this worked, as i remember it was not worked. (ok with GUI Login). but CLI having some issue i guess.

 

what is the output :

 

#show ldap server all ?
| Output modifiers
<cr> <cr>

 

may check some limitation :

 

https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9500/software/release/17-2/configuration_guide/sec/b_172_sec_9500_cg/configuring_ipv6_support_for_ldap.html

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Hello,

Have you seen the output?

Regards,

Luis

luis.poveda93
Beginner

Hello,

Thanks for the answer. The output below:

censured-1#show ldap server all
Server Information for censured-1
================================
Server name :censured-1
Server Address :10.x.x.x
Server listening Port :389
Bind Root-dn :CN=user,OU=xxx,OU=xxx,DC=xxx,DC=xxx,DC=xxx,DC=xxx,DC=xxx
Server mode :Non-Secure
Cipher Suite :0x00
Authentication Seq :Search first. Then Bind/Compare password next
Authentication Procedure:Bind with user password
Base-Dn :OU=xxx,OU=xxx,DC=xxx,DC=xxx,DC=xxx,DC=xxx,DC=xxx
Object Class :Person
Attribute map :GROUP
Request timeout :30
Deadtime in Mins :0
State :ALIVE
---------------------------------
* LDAP STATISTICS *
Total messages [Sent:6, Received:6]
Response delay(ms) [Average:506, Maximum:513]
Total search [Request:5, ResultEntry:0, ResultDone:5]
Total bind [Request:1, Response:1]
Total extended [Request:0, Response:0]
Total compare [Request:0, Response:0]
Search [Success:0, Failures:5]
Bind [Success:0, Failures:1]
Missing attrs in Entry [0]
----------------------------------
No. of active connections :1

 

Regards,

Luis

Create
Recognize Your Peers
Content for Community-Ad

ISE Webinars


Miss a previous ISE webinar?
Never miss one again!

CiscoISE on YouTube