Cisco Community
English
Register
Great changes are coming to Cisco Community in July. LEARN MORE
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

555
Views
1
Helpful
4
Replies
mnazeeh
Cisco Employee
Cisco Employee
‎05-03-2018 01:38 AM
‎05-03-2018 01:38 AM

LDAP Messages sent from ISE to LDAP/AD

Hi All,

Would anyone be able to comment in understanding which of these below LDAP messages would be possibly sent from ISE to LDAP/AD? This would be an information which one of my customers is looking out for, and currently we don't have any document which points me to the right direction.

Table 3. Summary Table of LDAP Messages between Consumer and Supplier

The table below lists the common LDAP messages and for each there will be a corresponding detailed Data layout in the following section .

Message #

Message Name

Source/Via/Destination eg. Consumer/Middleware/Supplier

Table Reference

 NonUserAuthN

Consumer > Supplier

Table 4

PrimaryUserAuthN

Consumer > Supplier

Table 5

 SecondaryUserAuthN

Consumer > Supplier

Table 6

AuthN Response

Supplier > Consumer

Table 7

 SearchForUserDN

Consumer > Supplier

Table 8

SearchForUserData

Consumer > Supplier

Table 9

 SearchForUserInGroup

Consumer > Supplier

Table 10

SearchForGroupData

Consumer > Supplier

Table 11

 SearchResultsEntry & Response

Supplier > Consumer

Table 12

Retrieve User Organisational Information.

Supplier > Consumer

Table 13

 CompareUserInGroup

Consumer > Supplier

Table 14

CompareUserInGroupResponse

Supplier > Consumer

Table 15

 ModifyRequest

Consumer > Supplier

Table 16

ModifyResponse

Supplier > Consumer

Table 17

 AddRequest

Consumer > Supplier

Table 18

AddResponse

Supplier > Consumer

Table 19

 DelRequest

Consumer > Supplier

Table 20

DelResponse

Supplier > Consumer

Table 21

SearchForOrganisationalGroupData

Supplier > Consumer

Table 22

Any help or advise on this would be highly appreciated.

Thanks!

4 REPLIES 4
hslai
Cisco Employee
Cisco Employee
‎05-03-2018 08:18 AM
‎05-03-2018 08:18 AM

These do not appear in any of LDAP or Microsoft AD documents I can find on the net so they must be some proprietary messaging used by the customer's application infrastructure and I do not think ISE supporting them at all.

0 Helpful
mnazeeh
Cisco Employee
Cisco Employee
In response to hslai
‎05-09-2018 09:38 AM
‎05-09-2018 09:38 AM

hslai Thank you for the response.

Would you also be able to point me in the direction in understanding the LDAP messages sent from ISE to LDAP/AD? It would also be helpful if a document containing the same could be provided.

0 Helpful
hslai
Cisco Employee
Cisco Employee
In response to mnazeeh
‎05-09-2018 09:55 AM
‎05-09-2018 09:55 AM

ISE is compliant with LDAPv3 ( RFC 451). ISE uses both AD and LDAP for authentications and attribute lookups. If you has partner permissions on the communities, you may check out [ISE Lab Guide] ISE Active Directory Integration.

0 Helpful
mnazeeh
Cisco Employee
Cisco Employee
In response to hslai
‎05-16-2018 07:40 PM
‎05-16-2018 07:40 PM

Thank you very much.

I'll have a look at the ISE LAB Guide.

0 Helpful
Latest Contents
Earn $100! Interview with Cisco on Network Risk, Compliance ...
Created by S Nath on 06-27-2022 01:56 PM
0
0
0
0
Are you responsible for risk management, compliance management and auditing of a network?    If so, we’d like to speak with you to learn your current processes of enforcing compliance and managing risk to help us develop services that will ... view more
Converting Cisco Secure Endpoint Connectors from Audit to Pr...
Created by Sohaib Ahmed on 06-23-2022 05:19 PM
0
0
0
0
Once you've expanded Cisco Secure Endpoint connector deployment to about 50% of your licensed count (check out this article that shows you how to do that), it's time to put those connectors to action i.e. convert them to Protect from Audit mode for vari... view more
🧦💚 Tell us about your ZTNA journey in exchange for a pair ...
Created by betswang on 06-23-2022 03:05 PM
0
15
0
15
  Hello! I’m Betsy, UX Researcher, on the Cisco+ Secure Connect Now team. Nice to meet you all .We have a short survey to learn about your Zero Trust Network Access (ZTNA) journey. Whether you have, plan to, or have not implemented a ... view more
Cisco ASA Access-list ACL using network object
Created by Meddane on 06-23-2022 06:59 AM
0
0
0
0
  A set of interface access rules can cause the Cisco Adaptive Security Appliance to permit or deny a designated host to access another particular host with a specific network application (service). When there is only one client, one host and one se... view more
How To: Cisco ISE Captive Portals with Aruba Wireless
Created by ahollifield on 06-22-2022 06:23 PM
4
10
4
10
How To: Cisco ISE Captive Portals with Aruba Wireless Authors: Adam Hollifield, Brad Johnson IntroductionPrerequisitesMinimum RequirementsComponents UsedConfigurationAruba Wireless ControllerWLAN CreationAuthentication ConfigurationRole & Policy Confi... view more
Ask a Question
Create
+ Discussion
+ Blog
+ Document
+ Video
+ Project Story
Find more resources
Discussions
Blogs
Documents
Events
Videos
Project Gallery
New Community Member Guide
Related support document topics
Recognize Your Peers
Spotlight Award Nomination
Content for Community-Ad

ISE Webinars

Miss a previous ISE webinar?
Never miss one again!

CiscoISE on YouTube