
Ldap Authentication

AustinMas
Level 1

Hi Friends,

I am new to Cisco ASA devices. I wanted to know if it's possible to use LDAP/AD authentication to allow internal users to use Internet services.

As in, configure different webfilter profiles, then assign these profiles to different policies and make the policies based on user groups.

Hope I am clear with the requirement.

Thanks,

Austin

5 Replies

You can integrate your AD with the ASA for authentication. I will look for a good link for you

Sent from Cisco Technical Support iPhone App

Thanks Paul,

Waiting for the link.

Austin

I am sorry Austin, yesterday was a very busy day.

Here are a couple of links that show how to set the authentication on the ASA. The links are for the ASA but for different uses but you will get the general idea:

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00808c3c45.shtml

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00808d1a7c.shtml

If you want to authenticate users when going out to the internet you will need to implement authentication proxy. The following link shows how to do it with tacacs but the idea is the same. You can combine the links above for the setup of the LDAP server with the authentication proxy:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00807349e7.shtml

I hope this helps.
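The combination described in the post above (an LDAP server group plus authentication proxy for outbound web traffic), as an added configuration sketch that is not part of the original thread or the linked Cisco documents. The group name LDAP_AD, ACL name AUTH_OUT, addresses, DNs and the bind account are constructed placeholders.

```cisco
! Added example: all names, addresses and DNs below are placeholders.
! Traffic that must authenticate before it is allowed out (HTTP/HTTPS from the inside LAN).
access-list AUTH_OUT extended permit tcp 10.1.1.0 255.255.255.0 any eq www
access-list AUTH_OUT extended permit tcp 10.1.1.0 255.255.255.0 any eq https
!
! LDAP server group pointing at the Active Directory domain controller.
aaa-server LDAP_AD protocol ldap
aaa-server LDAP_AD (inside) host 10.1.1.10
 ! Where in the directory the ASA searches for the user.
 ldap-base-dn DC=example,DC=com
 ldap-scope subtree
 ! The attribute the typed username is matched against.
 ldap-naming-attribute sAMAccountName
 ! Account the ASA binds with to run the search (assumed here: a dedicated
 ! account with read access to the directory).
 ldap-login-dn CN=asa-bind,OU=Service Accounts,DC=example,DC=com
 ldap-login-password <bind-password>
 ! Without this the bind password and user credentials cross the wire in clear text.
 ldap-over-ssl enable
 server-type microsoft
!
! Authentication proxy: sessions matching AUTH_OUT on the inside interface
! are challenged and checked against the LDAP_AD group.
aaa authentication match AUTH_OUT inside LDAP_AD
```

After applying it, `test aaa-server authentication LDAP_AD host 10.1.1.10 username <user> password <password>` checks the bind and search from the ASA before any user traffic depends on it.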

Hi Chris,

Is some client software needed to be installed on the Windows Server in order to fetch the login details from the server to the ASA?

Also, does this work as a SINGLE SIGN ON feature or will it prompt for username/password each time the browser is opened?

Please help me with this info.

regards,

Austin

Hi Austin,

The Login DN has to be your domain admin account. You can install the LDAP browser Softerra in order to fetch the LDAP string or DN of the Domain Admin account.

Alternately try running the following command on the cmd of the DC.

dsquery * -filter "<&>" -attr *

The above command will list all the attributes of the domain admin account. Please enter domain admin login name in the blank space of sAMAccountName.

Hope this helps.

Regards,

Anisha

P.S.: please mark this post as answered if you feel your query is resolved. Do rate helpful posts.
