Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1272
Views
5
Helpful
2
Replies

Configure authentication LDAP using sAMAccountName and userPrincipalName at the same time

daviddeleye
Level 1
Level 1

‎03-30-2018 02:04 AM - edited ‎02-21-2020 07:34 AM

Hi,

 

I would like to configure authentication for our anyconnect connection using ldap to check the credentials against our AD. I can configure to use either sAMAccountName or userPrincipalName but not both at the same time.

 

ldap-naming-attribute sAMAccountName

ldap-naming-attribute userPrincipalName

 

gives following output

aa-server TEST (inside) host 1.1.1.1
 ldap-naming-attribute userPrincipalName

 

So in short, is it possible to check both?

 

Labels:
0 Helpful
2 Replies 2

Mohammed al Baqari
Level 11
Level 11

‎03-31-2018 03:30 AM

You can't specify both under single aaa-server group. But try to use
sAMAccountName and enable strip-group and strip-real option. This should
make both DNS and Group logins working.

daviddeleye
Level 1
Level 1
In response to Mohammed al Baqari

‎04-03-2018 01:54 AM

Hi Mohamed,

 

Thank you for the swift response.

It is unclear what DNS and group login are.

Could you explain what you mean by this?

 

 

Thank you in advance!

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card