03-29-2013 11:50 AM
Hello Folks,
I am trying to look for a working config with LDAP auth over SSH. I know how to use them over TACACS+ & Radius. But due to another internal issue, currently I am trying to get the Cisco MDS to directly auth using LDAP/AD. Also, I see no option of LDAP/AD in FM (Fabric Manager), but just TACACS+, Radius, LocalFM and MDS. Does using MDS use the default auth (i.e. whatever AAA authentication is configured, or the local DB on the switch)? Does the new DCNM support LDAP/AD auth on the GUI?
Larger goal is SSH (CLI) & FM (GUI) using the same LDAP/AD auth. I understand the snmp-server user issue. But once I have SSH working over LDAP/AD I can figure that out too.
Here's what I need to ensure when using LDAP/AD auth:
1) What is the exact config for this LDAP/AD auth?
2) How do I ensure that network-admin & network-operator roles are assigned when certain AD groups log in, like ADMIN-AD-GROUP, OPERATOR-AD-GROUP --> trying to log in to the switch?
3) Also, when using the SSL port for LDAP, are details encrypted over the network?
4) Do I need to use the PASSWORD in plaintext when BINDING the BaseDN? Can it be an encrypted password?
Appreciate any info on this. Thanks for your time.
04-03-2013 08:19 AM
As of DCNM 6.1 (aka Fabric Manager Server) we support LDAP authentication, adding to the existing Radius, TACACS+, local and switch authentications. You can upgrade from Fabric Manager 5.0 to DCNM 5.2 to DCNM 6.1 if you'd like to keep current performance, events, and config data alive. We do recommend a fresh install as we don't know what state your server database might be in. Including some links for you to help out with deployment and best practices (see release notes).
Resources:
Main Website:
How To Video Series: http://www.cisco.com/en/US/prod/netmgtsw/ps6505/ps9369/cisco_dc_nm_video_library.html
Install and Licensing Guide: http://www.cisco.com/en/US/products/ps9369/prod_installation_guides_list.html
Evaluation Licenses: http://tools.cisco.com/SWIFT/LicensingUI/Home?FormId=65
Download Linux and Windows Executables: http://www.cisco.com/cisco/pub/software/portal/select.html?&i=!m&mdfid=281722751
Data Sheets: http://www.cisco.com/en/US/prod/collateral/netmgtsw/ps6505/ps9369/data_sheet_c78-639737.html
Install Guide: http://www.cisco.com/en/US/products/ps9369/prod_installation_guides_list.html
Configure Guide: http://www.cisco.com/en/US/products/ps9369/products_installation_and_configuration_guides_list.html
API Programming Guide: http://www.cisco.com/en/US/products/ps9369/products_programming_reference_guides_list.html
Reference Guide: http://www.cisco.com/en/US/products/ps9369/prod_technical_reference_list.html
Release Notes: http://www.cisco.com/en/US/products/ps9369/tsd_products_support_general_information.html