11-16-2011 10:23 AM
Hi!
I have a working config for a 2003 server:
aaa-server DC1 protocol ldap
aaa-server DC1 (inside) host 172.25.29.9
 ldap-base-dn DC=KIEV,DC=CC
 ldap-scope subtree
 ldap-naming-attribute sAMAccountName
 ldap-login-password *
 ldap-login-dn CN=ASA_LDAP,OU=aides,OU=IT,DC=KIEV,DC=CC
 server-type auto-detect
 ldap-attribute-map LDAPVPNMAP
But when I created another aaa-server, DC2, with the same config (only the IP and name are different), which is running under Server 2008, I got this in the debug output:
New request Session, context 0xd7c23870, reqType = Authentication
Creating LDAP context with uri=ldap://172.25.29.8:389
Connect to LDAP server: ldap://172.25.29.8:389, status = Successful
supportedLDAPVersion: value = 3
supportedLDAPVersion: value = 2
Performing Simple authentication for ASA_LDAP to 172.25.29.8
Simple authentication for ASA_LDAP returned code (49) Invalid credentials
Failed to bind as administrator returned code (-1) Can't contact LDAP server
Fiber exit Tx=201 bytes Rx=601 bytes, status=-2
FW01# test aaa-server authentication DC2
Server IP Address or name: 172.25.29.8
Username: aleksandr.pekurovsky
Password: **********
INFO: Attempting Authentication test to IP address <172.25.29.8> (timeout: 12 seconds)
ERROR: Authentication Server not responding: AAA Server has been removed
---
Posted by WebUser Aleksandr Pekurovsky