ciscoasa# sh run aaa
aaa authentication telnet console LOCAL
aaa authentication ssh console LOCAL
aaa authentication http console LDAP LOCAL
aaa authorization command LOCAL
aaa authorization exec authentication-server
ASA is now ready to grant read only access to the user called "ashishv"
4. On authenticating to ASDM we will get this message, which indicates we have monitor only access.
5. View of the ASDM once you have access:
6. This is how "debug ldap 255” will look like for a successful user authentication:
 Session Start
 New request Session, context 0xda1861b4, reqType = Authentication
 Fiber started
 Creating LDAP context with uri=ldap://192.168.26.55:389
 Connect to LDAP server: ldap://192.168.26.55:389, status = Successful
 supportedLDAPVersion: value = 3
 supportedLDAPVersion: value = 2
 Binding as ashish AV. varghese
 Performing Simple authentication for ashish AV. varghese to 192.168.26.55
 LDAP Search:
Base DN = [DC=MCS55, DC=COM]
Filter = [sAMAccountName=ashishv]
Scope = [SUBTREE]
 User DN = [CN=ashish AV. varghese,CN=Users,DC=MCS55,DC=com]
 Talking to Active Directory server 192.168.26.55
 Reading password policy for ashishv, dn:CN=ashish AV. varghese,CN=Users,DC=MCS55,DC=com
 Read bad password count 0
 Binding as ashishv
 Performing Simple authentication for ashishv to 192.168.26.55
 Processing LDAP response for user ashishv
 Message (ashishv):
 Authentication successful for ashishv to 192.168.26.55
 Retrieved User Attributes:
 objectClass: value = top
 objectClass: value = person
 objectClass: value = organizationalPerson
 objectClass: value = user
 cn: value = ashish AV. varghese
 sn: value = varghese
 givenName: value = ashish
 initials: value = AV
 distinguishedName: value = CN=ashish AV. varghese,CN=Users,DC=MCS55,DC=com
 instanceType: value = 4
 whenCreated: value = 20121224152326.0Z
 whenChanged: value = 20130119142646.0Z
 displayName: value = ashishvarghese
 uSNCreated: value = 186542
 memberOf: value = CN=Account Operators,CN=Builtin,DC=MCS55,DC=com
 mapped to IETF-Radius-Service-Type: value = 6
 uSNChanged: value = 190878
 name: value = ashish AV. varghese
 objectGUID: value = ...+...M.`/.....
 userAccountControl: value = 66048
 badPwdCount: value = 0
 codePage: value = 0
 countryCode: value = 0
 badPasswordTime: value = 130030933379843750
 lastLogoff: value = 0
 lastLogon: value = 130030933572968750
 pwdLastSet: value = 130030792063437500
 primaryGroupID: value = 512
 objectSid: value = ............4E'y...&R.Egt...
 adminCount: value = 1
 accountExpires: value = 9223372036854775807
 logonCount: value = 0
 sAMAccountName: value = ashishv
 mapped to Privilege-Level: value = 5
 sAMAccountType: value = 805306368
 userPrincipalName: value = ashishv@MCS55.com
 objectCategory: value = CN=Person,CN=Schema,CN=Configuration,DC=MCS55,DC=com
 lastLogonTimestamp: value = 130027602762031250
 Fiber exit Tx=561 bytes Rx=2534 bytes, status=1
 Session End
Hi Community, We have upgraded from ISE v3.0 to v3.1 p3 and after the upgrade, we are observing that default interface for service traffic is changed to eth0, whereas, before the upgrade it was through eth1. Hoping for any resolutions on this issue.&...
I’m running into an issue with some windows 10 clients.After the clients register in the Guest portal, and a successful logon page appears, instead of getting directed to the internet the clients are getting re-directed back to register.If the clients go ...
Hi community members,
I need help here. we are using FTD 4125 physical appliance and configured SSL VPN with self-signed cert. whenever users try to connect AnyConnect, the application prompt warning that this is not trusted CA.
I do not want to pu...
I am installing an Exchange server behind an FPM 1010 running FDM. I have a public ip natted to internal. When I do a "What is my IP" from the exchange server console, I get the public ip of the FPM 1010. What do I need to change in the 1...
We are going to upgrade a ASA & ASDM Firmwares on a Firepower 2120 device.
We'd like to know if the current Firepower firmware will be compatible with the ASA & ASDM Firmwares which we are going to install.
ASA & ASDM Firm...