CiscoWorks LMS / ActiveDirectory authentication

Unanswered Question
Aug 20th, 2007


LMS 2.6

CiscoWorks Common Services 3.0.5

Campus Manager 4.0.9

CiscoView 6.1.5

Device Fault Manager 2.0.9

Internetwork Performance Monitor 2.6.0

Integration Utility 1.6.0

Resource Manager Essentials 4.0.5


Selected Login Module: MS Active Directory

Server: ldap://

Usersroot: ou=Technical Services, ou=Information Technology, dc=company, dc=com

Prefix: cn=


Users created in AD with a first name and last name have a "cn=first<space>last" and the actual logon credentials are stored in "sAMAccountName=loginID". This presents a problem when a LDAP querry is passed from CiscoWorks LMS. When attempting to authenticate CiscoWorks LMS users against Microsoft Active Directory / LDAP, login credentials must be "first<space>last" rather than actual loginID. Desired configuration would be to reference SAMAccountName (loginID) rather than CN. I see CCO references to SAMAccountName under Unified Messaging and NAC documentation. But nothing under CiscoWorks documentation. Is this possible?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Joe Clarke Mon, 08/20/2007 - 11:34

If I understand you correctly, why not change the prefix from cn= to SAMAccountName= ?

thomsmith Mon, 08/20/2007 - 11:41

You understand correctly. Though I tried changing the prefix to sAMAccountName= and it doesn't work.

Joe Clarke Mon, 08/20/2007 - 11:43

Do you have anonymous bind enabled on the AD server? That is required to use SAMAccountName.

thomsmith Mon, 08/20/2007 - 13:39

Nope, anonymous bind is not enabled. That's the source of my problem. Unfortunately, policy won't permit me to enable it either. I guess ACS appliance is the longer-term fix. In the meantime, I can change the user requiring this access. Thanks for your assistance.


This Discussion