05-31-2022 01:52 AM
We have just upgraded 2 different models of Firewalls, both are on different versions and I have noticed that the LDAP option in the dynamic policy is now misisng options.
In the top left box (select criteara) in Dynamic policies, you have the option to use LDAP. We normally add groups in this for an extra layer of security.
I tried to add a new AC profile today and when I got to the LDAP option the box is mostly blank ( see attached image ) Normally you can choose AD groups at this point
Lucikly all our old profiles still have thier LDAP entries and it does not look like you can add this under CLI.
Any one else come across this issue ?
05-31-2022 01:56 AM
what models what version of ASA code ? both having same issue ?
05-31-2022 02:04 AM
@Richard Tapp this is probably an ASDM bug, what version are you running?
Look like the same problem as identified here:- https://community.cisco.com/t5/vpn/i-can-t-add-aaa-attribute-type-ldap/td-p/4583301
Resolved by using a different ASDM version.
05-31-2022 02:28 AM
Thanks Rob, we are on 7.17(1) I will get it changed
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide