- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-19-2018 02:42 PM - edited 09-19-2018 02:43 PM
Hello Team,
It needs to be simple mistake, i had it working, now it's not working.
I authorize user in LDAP which hits authz rule having the following authorization profile:
Customer1_RODC is LDAP connection with physicalDeliveryOffice attribute:
Now when i do authorize user, i can see the following in auth logs:
Now - why value of physicalDeliveryOfficeName which is equal to 18 is not mapped ? And instead -01 is added to a string representation ?
It was working fine, but probably i have lost connectivity to LDAP, but i have readed it along with attribute.
Could you please confirm ?
Thanks,
Michal
Solved! Go to Solution.
- Labels:
-
Identity Services Engine (ISE)
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-21-2018 10:52 AM
IIRC we need the entire RHS of cisco-av-pair as the value of the AD/LDAP attribute; e.g. Cisco:cisco-av-pair = AD1:description.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-21-2018 10:52 AM
IIRC we need the entire RHS of cisco-av-pair as the value of the AD/LDAP attribute; e.g. Cisco:cisco-av-pair = AD1:description.
