authenticating clientless SSL vpn on asa 8.0(3) against novell edirectory

Unanswered Question
Apr 17th, 2008
User Badges:
  • Blue, 1500 points or more

We are able to authenticate users against edirectory with the current set up, however, we are trying to limit the access to a specific group w/in ldap. We are using the "customer name" of groupMembership and 'cisco-name" of IETF-Radius-Class.

The problem is users who are both members of and not members of this particular group defined by 'groupMembership' are getting authenticated.

any advice?

there seems to be very limited documentation for this, as all LDAP examples i can find use AD - go figure.


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
srue Thu, 04/17/2008 - 15:09
User Badges:
  • Blue, 1500 points or more

problem solved.

i had to create a group policy that allowed 0 connections and assign it as a default group policy to my tunnel group.


This Discussion