Hello,
I am testing "Identity Options" with the IDFW Step by Step configuration.
I could finish installing and configuring the AD agent and Identity options, but I could not get an authentication from a domain controller.
I can find my name in the domain controller, but when I try to get an authentication from the DC, the ASA says "Authentication Rejected: User was not found". When I configured the domain controller as an AAA server with protocol "NT Domain" under Device Management > Users/AAA > AAA Server Groups and ran the "Test" button, I could get my account authenticated by the domain controller.
Could you guys please give me some tips on how to break this problem?
Here is how I did a test.
Test_ASA# test aaa-server authentication AD1 username richard password cisco123
Server IP Address or name: 192.168.1.1
INFO: Attempting Authentication test to IP address <192.168.1.1> (timeout: 12 seconds)
[3622] Session Start
[3622] New request Session, context 0x76821678, reqType = Authentication
[3622] Fiber started
[3622] Creating LDAP context with uri=ldaps://192.168.1.1:636
[3622] Connect to LDAP server: ldaps://192.168.1.1:636, status = Successful
[3622] supportedLDAPVersion: value = 3
[3622] supportedLDAPVersion: value = 2
[3622] Binding as administrator
[3622] Performing Simple authentication for administrator to 192.168.1.1
[3622] LDAP Search:
Base DN = [DC=sulu, DC=local]
Filter = [sAMAccountName=richard]
Scope = [ONE LEVEL]
[3622] User richard not found
[3622] Fiber exit Tx=250 bytes Rx=750 bytes, status=-1
[3622] Session End
ERROR: Authentication Rejected: User was not found
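
The search parameters in the debug output above can be replayed against a small directory model to see what a ONE LEVEL search from the domain root can and cannot match. This is an added example, not part of the original post; the directory entries are constructed, and the account's location under CN=Users is an assumption, since the post does not say where the account lives.

```python
import re

# Search section of the debug output, copied from the post above.
DEBUG = """\
[3622] LDAP Search:
Base DN = [DC=sulu, DC=local]
Filter = [sAMAccountName=richard]
Scope = [ONE LEVEL]
[3622] User richard not found
"""

# Constructed directory (assumption): the account sits in the default Users container.
DIRECTORY = {
    "CN=Users,DC=sulu,DC=local": {},
    "CN=richard,CN=Users,DC=sulu,DC=local": {"sAMAccountName": "richard"},
}

def parse_search(debug):
    """Extract Base DN, filter (attr, value) and Scope from the debug text."""
    fields = dict(re.findall(
        r"^(Base DN|Filter|Scope)\s*=\s*\[(.*?)\]\s*$", debug, re.M))
    attr, value = fields["Filter"].split("=", 1)
    return fields["Base DN"], (attr, value), fields["Scope"]

def rdns(dn):
    """Split a DN into normalized RDNs (simple split, no escaped commas)."""
    return [part.strip().lower() for part in dn.split(",")]

def in_scope(entry_dn, base_dn, scope):
    """LDAP scope semantics: BASE = the base entry only, ONE LEVEL =
    immediate children only, anything else = base plus all descendants."""
    entry, base = rdns(entry_dn), rdns(base_dn)
    depth = len(entry) - len(base)
    if depth < 0 or entry[depth:] != base:
        return False                      # entry is not under the base DN
    if scope == "BASE":
        return depth == 0
    if scope == "ONE LEVEL":
        return depth == 1
    return True                           # subtree

def search(directory, base_dn, flt, scope):
    """Return the DNs that are in scope and match the equality filter."""
    attr, value = flt
    return [dn for dn, attrs in directory.items()
            if in_scope(dn, base_dn, scope)
            and attrs.get(attr, "").lower() == value.lower()]

if __name__ == "__main__":
    base, flt, scope = parse_search(DEBUG)
    print(scope, "->", search(DIRECTORY, base, flt, scope))
    print("SUBTREE ->", search(DIRECTORY, base, flt, "SUBTREE"))
```

On the ASA the scope is set per LDAP server with `ldap-scope onelevel` or `ldap-scope subtree` in aaa-server host configuration mode.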