cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1127
Views
6
Helpful
5
Replies

Adding an AAA LDAP Server on Catalyst 9800 Wireless controller

O.K.
Level 1
Level 1

Hello, 

When I try to add an LDAP server on Cisco Catalyst 9800-L Wireless Controller (17.3.6), I get an error which says "Invalid User Base DN"

I' aware user base DN shouldn't contain a space character, but domain controller i not under my control and there is a white space in OU name. 

I've already tried to put the whole string into single quotes (') and value of the OU into double quotes ("), but WLC doesn't like them.

I've also tried to escape with backslash (\) also it didn't worked. 

Here is the example:

'OU="test 1",OU=test,DC=int,DC=at'  --> If I delete the white space between "test" and "1" it works. 

 

Has anyone experienced such a issue? 

Thanks in advance!

Regards.

1 Accepted Solution

Accepted Solutions

marce1000
VIP
VIP

 

                                >... but domain controller i not under my control 
 - Then there's not much you can do if the 9800 won't take it , you may have a try with IOS-XE 17.9.3 (note: also supports the older generation Wave 1 APs again) ,  or perhaps edit LDAP server with GUI (if done , reverse this mark to CLI (...))

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

View solution in original post

5 Replies 5

marce1000
VIP
VIP

 

                                >... but domain controller i not under my control 
 - Then there's not much you can do if the 9800 won't take it , you may have a try with IOS-XE 17.9.3 (note: also supports the older generation Wave 1 APs again) ,  or perhaps edit LDAP server with GUI (if done , reverse this mark to CLI (...))

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

Hi, 
thank you for your reply. I've tried both (CLI and GUI) and multiple possible solutions (like escaping special characters etc.) but without luck. What I can't follow is Cisco has accepted white space on the old wireless controllers.

- Then you need to confront Cisco with that argument and create a TAC case.

M.


-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

Not everything gets moved over, AireOS and the IOS-XE is different platforms as you know.  everyone wanted everything in AireOS, why would they build a new platform.  Like what @marce1000 mentioned, bring this up to TAC or your Cisco SE and see if they can possibly add this to future releases.  As of now, you need to figure out another way.

-Scott
*** Please rate helpful posts ***

Scott Fella
Hall of Fame
Hall of Fame

Just to add.... like @marce1000 mentioned, you are pretty much out of luck if you can't work with he team that manages the directory services.  Your only work around would be for them to create a new group and add users to that new group, or else get a radius server and use that to build your policies, which I think is so much better.

-Scott
*** Please rate helpful posts ***
Review Cisco Networking for a $25 gift card