12-18-2015 08:22 AM
When a user logs into the VPN, the ASA is looking at the CAC Common Name instead of the LDAP sAMAccountName for authentication, causing errors within the login script. The user cannot log into the VPN because of the issue. This is a two-part problem: we are having a certification chaining issue, but LDAP also seems to be looking for the common name instead of looking for the LDAP name in AD.
12-18-2015 09:04 PM
In your LDAP server definition, try using something like:
aaa-server <server> (inside) host a.b.c.d
 ldap-naming-attribute sAMAccountName
Failing that you'll probably need to use an attribute map.