Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
478
Views
0
Helpful
4
Replies

C240 AD Integration

Terry MacDougal
Level 1
Level 1

‎08-11-2014 09:50 AM - edited ‎03-01-2019 11:47 AM

We currently have all of our FIs integrated with MS AD and I would like to do the same for the C-Series servers. I have a question regarding the "Attribute" field under "Search Parameters". It has by default "CiscoAvPair" what is this suppose to be?

 

Thanks

0 Helpful
4 Replies 4

gmonroy
Cisco Employee
Cisco Employee

‎08-11-2014 03:52 PM

Hello,

The "CiscoAvPair" attribute can be used to expand an existing schema in the ldap configuration on the side of AD. Please see the following:

http://www.cisco.com/c/en/us/support/docs/servers-unified-computing/ucs-central-software/115983-ucs-central-ldap-authenticate-00.html#addattributes


http://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/sw/gui/config/guide/2-0/b_UCSM_GUI_Configuration_Guide_2_0/b_UCSM_GUI_Configuration_Guide_2_0_chapter_0111.html#concept_FAA777771F5D4F14A82A479CED0D4AF4

In the second link, you'll notice that it is optional for LDAP configurations within the UCS.

Regards,

-Gabriel

0 Helpful

Terry MacDougal
Level 1
Level 1
In response to gmonroy

‎08-12-2014 06:16 AM

We are using Microsoft AD and it works like a charm for UCSM and I am now trying to integrate the same config into some standalone C-Series servers.

 

So, the "CiscoAvPair" attribute will need to be added to use MS AD for the C-Series?

 

Thanks

0 Helpful

gmonroy
Cisco Employee
Cisco Employee
In response to Terry MacDougal

‎08-12-2014 03:36 PM

It is not a necessary step, but you can do so if you choose. From the following:

http://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/c/sw/cli/config/guide/1-0_1x/b_Cisco_CIMC_C250_CLI_Configuration_Guide/Cisco_CIMC_C250_CLI_Configuration_Guide_chapter6.html#task_10637AC91E1C4F55ABEC112C91AD29EA

 

The CIMC can be configured to use Active Directory for user authentication and authorization. To use Active Directory, configure users with an attribute that holds the user role and locale information for the CIMC. You can use an existing LDAP attribute that is mapped to the CIMC user roles and locales or you can modify the Active Directory schema to add a new custom attribute, such as the CiscoAVPair attribute, which has an attribute ID of 1.3.6.1.4.1.9.287247.1. For more information about altering the Active Directory schema, see the article at http://technet.microsoft.com/en-us/library/bb727064.aspx.

 

Regards,

-Gabriel

0 Helpful

Terry MacDougal
Level 1
Level 1
In response to gmonroy

‎08-13-2014 07:12 AM

I get all of that, ok most of it....... We are not creating a new CiscoAVPair attribute. So what value will go into Search Parameters --> Attribute so we can utilize our current AD schema?

 

Thanks

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents

Review Cisco Networking products for a $25 gift card