cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2132
Views
20
Helpful
4
Replies

LDAP authentication on router ssh login

luis.poveda93
Level 1
Level 1

Hello,

I´m trying to configure ldap authentication for a switch Cisco Catalyst but I got LDAP: LDAP doesn't support interactive login although the local test using test aaa authentication group has been successful.

 

Have any of you been capable of configuring ldap authentication towards an MS Active Directory server?

 

ios: Cisco IOS XE Software, Version 17.03.04

 

Thanks in advance.

Luis

4 Replies 4

balaji.bandi
Hall of Fame
Hall of Fame

Not that i am aware this worked, as i remember it was not worked. (ok with GUI Login). but CLI having some issue i guess.

 

what is the output :

 

#show ldap server all ?
| Output modifiers
<cr> <cr>

 

may check some limitation :

 

https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9500/software/release/17-2/configuration_guide/sec/b_172_sec_9500_cg/configuring_ipv6_support_for_ldap.html

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Hello,

Have you seen the output?

Regards,

Luis

luis.poveda93
Level 1
Level 1

Hello,

Thanks for the answer. The output below:

censured-1#show ldap server all
Server Information for censured-1
================================
Server name :censured-1
Server Address :10.x.x.x
Server listening Port :389
Bind Root-dn :CN=user,OU=xxx,OU=xxx,DC=xxx,DC=xxx,DC=xxx,DC=xxx,DC=xxx
Server mode :Non-Secure
Cipher Suite :0x00
Authentication Seq :Search first. Then Bind/Compare password next
Authentication Procedure:Bind with user password
Base-Dn :OU=xxx,OU=xxx,DC=xxx,DC=xxx,DC=xxx,DC=xxx,DC=xxx
Object Class :Person
Attribute map :GROUP
Request timeout :30
Deadtime in Mins :0
State :ALIVE
---------------------------------
* LDAP STATISTICS *
Total messages [Sent:6, Received:6]
Response delay(ms) [Average:506, Maximum:513]
Total search [Request:5, ResultEntry:0, ResultDone:5]
Total bind [Request:1, Response:1]
Total extended [Request:0, Response:0]
Total compare [Request:0, Response:0]
Search [Success:0, Failures:5]
Bind [Success:0, Failures:1]
Missing attrs in Entry [0]
----------------------------------
No. of active connections :1

 

Regards,

Luis

sweigle88
Level 1
Level 1

@luis.poveda93    were you able to get any where with this on IOS?  I was able to get this working on ASA, but haven't on IOS yet.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: