Re: LDAP on WLC 9800

nstr1 · ‎10-28-2020

I have a WLC 9800, i want configurate a server ldap, then i follow the next url;

https://www.cisco.com/c/en/us/td/docs/wireless/controller/9800/config-guide/b_wl_16_10_cg/secure-ldap.htmlbut

When i probed connect to ssid where is configurate the ldap showed error of authenticacion but this ldap is configurated in other WLC 5502 and is working without problem.

However how i can do a testing from my WLC 9800 to the LDAP of autentication ???

This is my configuration;

!
ldap server My_LDAP
ipv4 x.x.x.x
attribute map sAMAccountName
timeout retransmit 20
bind authenticate root-dn CN=asa_user,CN=users,dc=xxxxx,dc=mx password 7 xxxxxx

base-dn DC=My_Company,DC=mx
search-filter user-object-type Person
!

What is the error ???

I also tried the WLC Config Converter tool (AireOS, IOS-XE) but the configuration LDAP showed as Unmap Config

marce1000 · ‎10-29-2020

- Check the logs of the ldap server too, when an authentication request is attempted, check for errors if any.

M.

-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

sgalloway · ‎03-02-2021

Refer to this Bug.. Requires an enhancement to the Code to resolve.. Currently the wlc 9800 only Parsing the CN attribute.

The options are presented to configure but they don't work.. Found this out the hard way and only after doing a packet capture to see what attribute was getting captured from the LDAP server end..

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv11813