LDAP on ASR IOS-XE

netspazz · ‎02-12-2021

Configuring ASR 1001-x to use LDAP. what is interesting is that I add the servers, two, and the config shows up as being configured. When I next add the servers to a group, "aaa group server ldap LdapGrp". it will return ok. Next in the ldap server group created I add the servers. Everything returns ok, no errors. when I do a show run no aaa group is shown under the aaa new-model section on the configuration, but the servers do show up at the end. I have tested this on a CSR code in GNS3 and it seems to work. Am I missing something or a license issue?

netspazz · ‎02-14-2021

I little more info I have discovered. This is strange. I configured 2 ldap servers then created an ldap group and added the two servers into the group. When doing a "sh run" the servers show up, but no ldap group under the aaa section. When I run "sh run aaa", the entire aaa shows up, including the ldap servers AND the ldap group I created. checking my privilege and its 15, so it should show up. I also ran "sh run all" and the ldap group does not show up. This is strange, or I'm doing something wrong?

I have tested on ASR Hardware, running 16.9.2, groups not showing up except when using "sh run aaa". I have tested on Virtual CSR running 19.9.1 and it works with normally.

any ideas?