Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
394
Views
0
Helpful
1
Replies

sAMAccount issues

Go to solution
james.king14
Level 1
Level 1

‎12-18-2015 08:22 AM

When user log into VPN, ASA is looking at CAC common Name instead of LDAP sAMAccountName for authentication.   Causing errors within log in script.  User cannot log into the VPN because of the issue. This is a two part problem;  having a certification chaining issue, but LDAP seems to looking for common name instead of looking for LDAP name  on AD

Labels:
Preview file
5 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Philip D'Ath
VIP Alumni
VIP Alumni

‎12-18-2015 09:04 PM

In your LDAP server definition, try using something like:

aaa-server <server> (inside) host a.b.c.d

 ldap-naming-attribute sAMAccountName

Failing that you'll probably need to use an attribute map.

http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/91831-mappingsvctovpn.html

View solution in original post

0 Helpful
1 Reply 1

Go to solution
Philip D'Ath
VIP Alumni
VIP Alumni

‎12-18-2015 09:04 PM

In your LDAP server definition, try using something like:

aaa-server <server> (inside) host a.b.c.d

 ldap-naming-attribute sAMAccountName

Failing that you'll probably need to use an attribute map.

http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/91831-mappingsvctovpn.html

0 Helpful
Customers Also Viewed These Support Documents