02-14-2013 03:46 AM - edited 03-10-2019 08:05 PM
On our ASA5510 in the area AAA Server Groups, there is an entry for LDAP and an object that refers to our 2003 Domain Controller. This DC has LDAP over SSL enabled and I can see the DN and Password for a domain user account.
I've created two new DCs, both R2 2008, but when I enable these in the same way it says it could not authenticate, ERROR auth server not responding, AAA group removed.
I thought this had something to do with CA being installed on a DC, but it's not running as a service on the DC that was already referred to.
Am I missing something here?
Thanks
02-14-2013 03:53 AM
Could you please provide me the below listed information:
1.] Show run from the ASA
2.] LDAP server (2208 R2) > start > run > ldp.exe > enter the server ip or name and port 636.
3.] LDAP server (2208 R2) > start > run > cmd > Certutil -VerifyStore MY
4.] debug ldap 255, test the authentication again and paste the debug output.
Jatin Katyal
- Do rate helpful posts -
02-14-2013 06:25 AM
Jatin,
Is there anything specific I should be looking for in the running config?
In LDP, am I connecting to my 2003 DC and if so is there something I should be noticing?
When running the Certutil command, again should I notice anything?
I see the debug command cannot be run from CLI and that's all I have access to.
Thanks