03-17-2007 02:06 AM - edited 03-10-2019 03:02 PM
Greetings forum,
i have been searching for the documents or some help on this forum regarding Cisco ACS with Novell eDirectory.Although im not a Cisco guy,i only work wid Novell products..
lately i was given assignment of integrating ACS with eDirectory.was having loads of problm initialy but now finally after 2 weeks of intense testing and searching its working like a charm.u mite not get info on this on the internet i thought of posting basic configuration steps for Ldap.Basically attributes are the main ones one have to luk into.the rest of the stuff cisco guys did it..
i used this Info.....
Common LDAP Configuration:
User Directory Subtree = where your users are(ou= , o= )
Group Directory Subtree = i gave here organization only
User Object Type = cn
User Object Class = InetOrgPerson
Group Object Type = cn
Group Object Class = groupofnames
Group Attribute Name = groupmember
hope this might help someone out there.
03-17-2007 07:38 AM
Hi Hamid,
A good one here. I would like to add that edirectory by default does not allow PAP password.
So ACS->E-directory communication may fail. We need to enable that.
Regards,
Vivek
03-18-2007 12:59 AM
Hi Vivek,
Thanks for writing bak mate.we are already using Freeradius with eDirectory as ldap and it was working fine..the only reason for which we might switch to ACS is that we want a better gui based and highly configurable Radius server.for eg we wanted to control simultaneous use of a user,that only took us ages to find out but never got it working..so far cisco ACS is up to the standards and i have a question here...
which protocol you think we should use for d authentication....?
Hav a nice day ,
Hamid
03-19-2007 04:19 AM
Hamid,
The choice of protocol depends on what you are trying to authenticate.
I can help if I have a little more info.
Regards,
Vivek
07-17-2007 02:53 AM
Hi,
I'm new at this forum; first i'd like to apologize but I need a solution for a eDirectory 802.1X authentication.
Users are connecting to LAP that connect to a Wireless Lan Controller. WLC send randius connection to ACS which is trying to connect to eDirectory. I need ACS in order to provide dynamic VLAN assignment but it seems that the best option is FreeRadius. If I employ ACS what can I do to avoid the use of certificates or token servers? It seems that I can't do anything else.
Thanks,
Dani
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide