Resolution
In order to configure Lightweight Directory Access Protocol (LDAP) mapping for Microsoft Windows Active Directory (AD) users, complete these steps:
- On the Cisco Clean Access Manager, choose User management > Auth Servers > Mapping Rules. Choose the role to which the user is mapped.
- Choose Attribute as the condition type.
- Choose Contains as the operator type.
- Choose memberOf as the attribute name. This example uses the memberOf attribute from the AD. Any attribute that LDAP supports can be used here.
- If the user is a member of the Administrators group, use the Administrator value. The condition then searches for the Administrator string in the memberOf attribute value.
- Click Add condition. The conditions are displayed. It is possible to use compound statements and form multiple conditions.
- After attribute mappings are entered, click Add mapping.
- Choose User management > Auth Servers > Auth Test. Perform an Auth test to confirm that the appropriate role is assigned to the user.
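
Before running the Auth test, it helps to see which accounts a Contains condition on memberOf would select. The following is an added example, not Cisco code: it assumes Contains is a plain substring test against each memberOf value (the page does not state the exact matching rules), and the directory entries, group DNs and function names are constructed for illustration.

```python
# Added example: models the "Attribute / Contains / memberOf" condition offline.
# Assumption: Contains is a plain substring test on each memberOf value.

# Constructed sample directory: user -> memberOf values (group DNs).
DIRECTORY = {
    "alice": ["CN=Administrators,CN=Builtin,DC=example,DC=com"],
    "bob": ["CN=Printer Administrators,OU=Groups,DC=example,DC=com"],
    "carol": ["CN=Domain Users,CN=Users,DC=example,DC=com"],
    "dave": ["CN=Staff,OU=Former Administrators,DC=example,DC=com"],
}

# Group the role is meant for (constructed DN).
INTENDED = "CN=Administrators,CN=Builtin,DC=example,DC=com"


def contains_match(member_of, value):
    """True if any memberOf value contains the configured string."""
    return any(value in dn for dn in member_of)


def mapped_users(directory, value):
    """Users that the condition would map to the role."""
    return sorted(u for u, groups in directory.items()
                  if contains_match(groups, value))


def unintended_matches(directory, value, intended_group_dn):
    """Mapped users who are not members of the intended group."""
    intended = intended_group_dn.lower()  # AD DNs compare case-insensitively
    return [u for u in mapped_users(directory, value)
            if intended not in (dn.lower() for dn in directory[u])]


if __name__ == "__main__":
    # Compare the short value from the steps with tighter values.
    for value in ("Administrator", "CN=Administrators,", INTENDED):
        print(repr(value),
              "maps:", mapped_users(DIRECTORY, value),
              "unintended:", unintended_matches(DIRECTORY, value, INTENDED))
```

In this constructed data the short value Administrator also selects members of other groups and OUs whose names contain that string, while the full group DN selects only the intended member. Check the same accounts with the Auth test.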
Third Party Software
Windows Active Directory
Protocol / Ports
LDAP