11-14-2017 05:54 AM - edited 03-01-2019 06:15 PM
Hi All,
I am having trouble getting DCNM to authenticate via LDAP. Could someone please send me a screen-shot from a working config for my reference?
Does anyone know if I can configure more than one LDAP server? Form the DCNM GUI, it looks like I can only add one server.
11-14-2017 07:41 PM
Hi ,
I have attached one image but I have not authenticated it .. because I do not work on DCNM now a days.
A good rule of thumb is 389 for non-ssl, and 636 for ssl.
also you can refer the below link #
If Base , DN etc are fine then foucs of "port number" , it should not be blocked.
You can run a wireshark/ tcpdump" to look into the issue further , if required.
Thanks-
11-15-2017 01:41 AM
Thanks for the reply. This screenshot shows the default place holder text when DCNM is installed. I'm looking for an actual configured example. I matched up most of these fields but was not able to get it working. Will try & contact the security team for help.
02-01-2018 12:43 PM
WHere you able to get the LDAP working for DCNM? I'm having the same issue I can configure but it rejects the login. When I look at the FMServer log I get a
acceptsecuritycontext error data 52e v1db1
Which states invalid credentials but alas they are not invalid.
02-02-2018 05:28 AM
I was not able to get it working. Went with radius instead.
I worked with one of our LDAP experts & he needed to see what Cisco was expecting as a response from the LDAP server to grant access. As the Cisco documentation was not clear enough we could not proceed further.
02-02-2018 05:36 AM
I assume it's not working then?
02-02-2018 05:40 AM
Yes, it is not working.
So we authenticate with the radius server & Radius gets to authenticate with the LDAP server.
This way we still use our same AD credentials to login.
You can look into using a TACACS \ Radius solution. Note that only DCNM supports only one vendor with TACACS, Radius has more compatibility.
05-14-2019 01:22 PM
Has anybody actually got this to authenticate to an AD server? Could you send a real example with values changed for security sake.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: