Authenticating clientless SSL VPN on ASA 8.0(3) against Novell eDirectory

Apr 17th, 2008

We are able to authenticate users against eDirectory with the current setup; however, we are trying to limit the access to a specific group within LDAP. We are using the "customer name" of groupMembership and "cisco-name" of IETF-Radius-Class.

The problem is users who are both members of and not members of this particular group defined by 'groupMembership' are getting authenticated.

Any advice?

There seems to be very limited documentation for this, as all LDAP examples I can find use AD - go figure.


srue Thu, 04/17/2008 - 15:09

Problem solved.

I had to create a group policy that allowed 0 connections and assign it as a default group policy to my tunnel group.
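
The fix described in the reply above, sketched as an ASA configuration. This is an added example, not configuration posted in the thread; the policy and map names, the group DN, the bind account, the server address and the use of the default WebVPN tunnel group are all assumptions.

```cisco
! Constructed example: names, DNs, address and password are placeholders.
ldap attribute-map EDIR-GROUP-MAP
 map-name groupMembership IETF-Radius-Class
 ! A user whose groupMembership matches this DN is handed the class value
 ! SSLVPN-ALLOWED, which the ASA treats as the name of a group policy.
 map-value groupMembership "cn=sslvpn,ou=groups,o=example" SSLVPN-ALLOWED
!
aaa-server EDIR protocol ldap
aaa-server EDIR (inside) host 192.0.2.10
 server-type novell
 ! Assumes the directory accepts LDAP over SSL for the bind.
 ldap-over-ssl enable
 ldap-base-dn o=example
 ldap-scope subtree
 ldap-naming-attribute cn
 ldap-login-dn cn=asa-bind,o=example
 ldap-login-password <bind-password>
 ldap-attribute-map EDIR-GROUP-MAP
!
! Default policy: zero simultaneous logins, so a user who is not mapped to
! another policy passes the LDAP bind but is refused a VPN session.
group-policy NOACCESS internal
group-policy NOACCESS attributes
 vpn-simultaneous-logins 0
!
! Policy selected by the attribute map for members of the group.
group-policy SSLVPN-ALLOWED internal
group-policy SSLVPN-ALLOWED attributes
 vpn-simultaneous-logins 3
 vpn-tunnel-protocol webvpn
!
tunnel-group DefaultWEBVPNGroup general-attributes
 authentication-server-group EDIR
 default-group-policy NOACCESS
```

`debug ldap 255` prints the attributes returned for a login and the value they were mapped to, which shows whether a given user matched the map or fell through to the default policy.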

