Re: UCSM LDAP Authentication error

skrg · ‎03-11-2025

Hello,

In UCSM, LDAP configuration was updated by reordering some of the Providers. The task gave below error and didn't terminate, and going in a loop. Any suggestions to terminate this task.

"external aaa server configuration to primary(FSM-STAGE:sam:dme:AaaEpUpdateEp:SetEpLocal)"

"Re-ordering/Deletion of Providers or Group map config. change cannot be applied while ldap is used for (Domain) authentication"

Thanks in advance.

BrentonKnight9295 · ‎03-11-2025

May check this https://bst.cisco.com/quickview/bug/CSCwd26160 there is a bug fix it looks.

jakande · ‎03-11-2025

Hi SKRG,
The defect from BrentonKnight9295 should be helpful.
It is also a good practice to change your "Provider Group" settings in your LDAP Authentication Domain to <not set>, and save the it, before making changes(add/modify/delete) to your list of LDAP providers.
Once changes are done, you can change the "Provider Group" back to your previously configured LDAP Provider Group.

Regards

skrg · ‎03-11-2025

Thanks @jakande for the info.

If I change the settings now, would this cancel the current FSM event thats going in loop, please advise.

Thanks.

Wes Austin · ‎03-11-2025

Yes you should change everything to "not set" and allow the FSM to complete to 100 percent. Once this is done, you can make your changes again.

skrg · ‎03-12-2025

Thanks Wes Austin, will give it a try.