Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3974
Views
3
Helpful
4
Replies

Cisco Prime DCNM and Active Directory (LDAP)

Dawit Zeru
Level 1
Level 1

‎04-21-2015 10:04 AM

Hi all,

 

I have a DCNM 6.3.2, and I'm trying to connect it to the Active Directory but without any success.

can someone please explain me how to do it.

I read the Cisco DCNM Fundamentals Guide, Release 6.x, but it was not clear enough can someone assist,

 

thanks in advance.

1 person had this problem
Labels:
0 Helpful
4 Replies 4

AFROJ AHMAD
Cisco Employee
Cisco Employee

‎04-23-2015 12:01 PM

Hi ,

 

can you try this :

Open DCNM Web Client > Click Admin > Under Management Users select Remote AAA

From here you can change the Auth Mode to one of the following:

Local | Radius | TACACS+ | Switch | LDAP

enter the details..

 

Click Apply to submit changes.

 

Thanks-

Afroz

***Ratings Encourages Contributors ***

Thanks- Afroz [Do rate the useful post] ****Ratings Encourages Contributors ****

Dawit Zeru
Level 1
Level 1
In response to AFROJ AHMAD

‎06-03-2015 06:08 AM

i opened a tac and after some investigation they found out that and its funny

when configuring LDAP on the DCNM a user can only access using is full name (i.e the display name), and not the login name.

here is an explanation:

when a user is configured the Active Directory, the user are configured with two sets of name:

  1. Is full name. 

First Name: User.

Last Name: Test

Full Name: User Test

2. A short name for login

Login Name: Utest

 

the DCNM LADP atribute for login is the full and not the short name.

 

 

0 Helpful

Eric Scott
Cisco Employee
Cisco Employee

‎04-27-2015 11:01 AM

Hi Dawit,

Can you provide the LDAP parameters exactly as they've been entered in DCNM?

Most commonly we see that the filter field on the [Admin > Remote AAA > LDAP] page is incorrect, because the example configuration is misleading/wrong.  The filter field should not contain 'CN='.

For example my lab server has a working LDAP config like this,

.

 

Also, once you've entered the LDAP parameters use the "Test" button and try out your login credentials.  Please share your result whether it says success or failure, because it will help us isolate where the problem is.

And finally, make sure that the DCNM services have been restarted after the authentication method is set to LDAP.  A restart of the services is required for this to work.

-Eric

0 Helpful

garygrubb
Level 1
Level 1
In response to Eric Scott

‎11-14-2017 04:23 AM

Hi Eric,

 

I'm having some trouble getting DCNM to authenticate via LDAP. Could you please share a screen shot of a known working configuration so I can compare & setup mine accordingly?

0 Helpful
Customers Also Viewed These Support Documents