11-23-2010 07:55 AM - edited 03-09-2019 11:17 PM
We are in the process of deploying a new ASA5520. This will be replacing both my PIX515 and VPN3020 concentrator. In the past authentication has simply been NT authentication for username and password. With this new hardware I want to move to AD or LDAP authentication. This way we can set up and use groups and the like for better authentication and better manage where and how users connect. We are also in the process of evaluating ACS that once again will be tied into AD / LDAP for authentication.
My education level in regards to AD / LDAP is basically zero. I have been able to get the ASA to talk to AD but am not sure how to set things up for username, password, group, etc. type authentication. I am looking for references or tutorials to help me better understand and use this new animal. So far I am wading through the different manuals and configuration guides I am finding on CCO but think it would go smoother if I better understood AD / LDAP and had a better understanding of how to get from point A to point B.
Any suggestions would be appreciated.
Thanks in advance ....
Brent
11-29-2010 03:21 AM
Hi Brent,
would this help?
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00808c3c45.shtml
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00808d1a7c.shtml
https://supportforums.cisco.com/docs/DOC-13713
or are you looking for more in-depth documentation on how LDAP works?
Maybe the wikipedia article on LDAP might be a good start : http://en.wikipedia.org/wiki/LDAP
hth
Herbert
11-29-2010 07:37 AM
Hey Herbert,
Thanks for the reply.
I am looking for something a little more in-depth in regards to how AD / LDAP works. Something that will help me learn and understand what things such as Base DN or fields such as dc= or cn= are. I found a browser that allows me to look at our AD structure based upon what my server guys are telling me but am having a tough time learning where and how to match items for username / password and the like. This would help me better understand the operation so that I could create the rules and other items to actually make ACS and VPN authentication actually work. In talking with my server guys they basically say well maybe we need to create additional groups or actually use some of the fields that are currently blank but have not been much help in actually getting my test system operational. I figure there is an AD for dummies kind of book to get me started.
Brent
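A worked illustration of the pieces Brent asks about (what a DN is, what dc= and cn= components mean, what the Base DN scopes, and how a user lookup and a group-to-policy match work). This is an added example, not code from the thread or from Cisco's documentation. The directory snapshot, domain, user names and group names are constructed; the use of sAMAccountName as the login name attribute and memberOf for group membership reflects what AD exposes and what an ASA LDAP attribute map is assumed here to key on. Nothing talks to a real LDAP server: the lookup is done against an in-memory dump so the scoping and matching rules can be seen directly.

```python
"""LDAP DN / Base DN / group-lookup walkthrough (added example, offline).

Assumptions (not from the original thread):
  - login name lives in sAMAccountName, group membership in memberOf
  - the gateway maps a group DN to a named group-policy (ASA attribute-map style)
The DIRECTORY below is a constructed snapshot, shaped like an ldapsearch dump.
"""
from __future__ import annotations

# Constructed directory: entry DN -> attributes (multi-valued, like real LDAP).
DIRECTORY = {
    "CN=Jane Doe,OU=VPN Users,DC=corp,DC=example,DC=com": {
        "objectClass": ["top", "person", "user"],
        "sAMAccountName": ["jdoe"],
        "memberOf": ["CN=VPN-Admins,OU=Groups,DC=corp,DC=example,DC=com"],
    },
    # Comma inside a CN value must be escaped with a backslash in the DN.
    "CN=Smith\\, Bob,OU=Staff,DC=corp,DC=example,DC=com": {
        "objectClass": ["top", "person", "user"],
        "sAMAccountName": ["bsmith"],
        "memberOf": ["CN=VPN-Staff,OU=Groups,DC=corp,DC=example,DC=com"],
    },
    # Same forest, different domain: outside a corp.example.com base DN.
    "CN=Old Account,OU=Disabled,DC=lab,DC=example,DC=com": {
        "objectClass": ["top", "person", "user"],
        "sAMAccountName": ["oldacct"],
        "memberOf": [],
    },
}

# Constructed mapping: AD group DN -> gateway group-policy name.
GROUP_POLICY_MAP = {
    "CN=VPN-Admins,OU=Groups,DC=corp,DC=example,DC=com": "Admin-Policy",
    "CN=VPN-Staff,OU=Groups,DC=corp,DC=example,DC=com": "Staff-Policy",
}


def parse_dn(dn: str) -> list[tuple[str, str]]:
    """Split a DN into (attribute, value) RDNs, honouring backslash escapes.
    'CN=Smith\\, Bob,OU=Staff' -> [('CN', 'Smith, Bob'), ('OU', 'Staff')]
    The first RDN is the object itself; the trailing DC= RDNs are the domain."""
    rdns, buf, i = [], [], 0
    while i < len(dn):
        c = dn[i]
        if c == "\\" and i + 1 < len(dn):      # escaped char: keep it literally
            buf.append(dn[i + 1])
            i += 2
            continue
        if c == ",":                            # unescaped comma ends an RDN
            rdns.append("".join(buf))
            buf = []
            i += 1
            continue
        buf.append(c)
        i += 1
    rdns.append("".join(buf))
    out = []
    for rdn in rdns:
        attr, _, value = rdn.partition("=")
        out.append((attr.strip(), value.strip()))
    return out


def base_dn_for_domain(domain: str) -> str:
    """AD domain name -> the base DN of that domain's naming context."""
    return "dc=" + ",dc=".join(domain.split("."))


def is_under_base(entry_dn: str, base_dn: str) -> bool:
    """True if entry_dn sits at or below base_dn (DN comparison is case-insensitive)."""
    e = [(a.lower(), v.lower()) for a, v in parse_dn(entry_dn)]
    b = [(a.lower(), v.lower()) for a, v in parse_dn(base_dn)]
    return len(e) >= len(b) and e[-len(b):] == b


def escape_filter(value: str) -> str:
    """RFC 4515 escaping for values placed into a search filter.
    Without this a login name like 'a)(cn=*' rewrites the filter."""
    table = {"\\": "\\5c", "*": "\\2a", "(": "\\28", ")": "\\29", "\x00": "\\00"}
    return "".join(table.get(c, c) for c in value)


def build_user_filter(username: str) -> str:
    """The search filter a gateway would send to find the login entry."""
    return f"(&(objectClass=user)(sAMAccountName={escape_filter(username)}))"


def find_user(base_dn: str, username: str, directory=DIRECTORY) -> str | None:
    """Local equivalent of a subtree search from base_dn with build_user_filter().
    Returns the matching entry DN, or None if no entry under base_dn matches.
    (A real single-domain AD server would not return other domains' entries
    without the global catalog; the toy only shows how the base DN scopes.)"""
    for dn, attrs in directory.items():
        if not is_under_base(dn, base_dn):
            continue
        if "user" not in [c.lower() for c in attrs.get("objectClass", [])]:
            continue
        if any(s.lower() == username.lower() for s in attrs.get("sAMAccountName", [])):
            return dn
    return None


def group_policy_for(user_dn: str, directory=DIRECTORY, mapping=GROUP_POLICY_MAP) -> str | None:
    """First memberOf value that maps to a group-policy, else None (no policy)."""
    wanted = {k.lower(): v for k, v in mapping.items()}
    for group_dn in directory[user_dn].get("memberOf", []):
        if group_dn.lower() in wanted:
            return wanted[group_dn.lower()]
    return None


if __name__ == "__main__":
    base = base_dn_for_domain("corp.example.com")
    print("base DN:", base)
    print("filter :", build_user_filter("jdoe"))
    dn = find_user(base, "jdoe")
    print("found  :", dn)
    print("policy :", group_policy_for(dn))
```

Two things the output makes concrete: a too-narrow base (ou=Staff,...) silently fails to find users in another OU, while a too-wide one (dc=example,dc=com) pulls in accounts from other domains, so the Base DN decides who can even attempt to log in; and a user who is under the base but in no mapped group gets no policy, which on a gateway usually means the default policy or a denied connection, so the memberOf-to-policy map needs a deliberate fallback.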