NAC Appliance and LDAP Lookup

Hello,

I have two CAMs in HA and two CASs in HA.

I configured the LDAP Lookup to create rules for role allocation.

In this configuration there is only one Windows server to look up the user properties.

There is a problem when this Windows server is down. Is there any configuration to mitigate this when the server is not there?

Thank you all.

flitcraft33 Wed, 10/29/2008 - 15:16

I believe that in version 4.5.0 you can add more than one LDAP lookup server. Of course, to get to 4.5.0 you must be running on the "appliance" hardware, according to Cisco.

Correct Answer
Daniel Laden Sat, 11/08/2008 - 10:29

The LDAP lookup server configs state it uses the LDAP Authentication Provider. The LDAP Authentication Provider says you can have multiple entries in the single field:

LDAP

http://www.cisco.com/en/US/docs/security/nac/appliance/configuration_guide/413/cam/m_auth.html#wp1158614

You can add redundancy for LDAP Authentication servers by entering multiple LDAP URLs in the Server URL field separated by a space, for example:

ldap://ldap1.abc.com ldap://ldap2.abc.com ldap://ldap3.abc.com
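
As an added example (not part of the original post or of Cisco's documentation): a check to run before entering a space-separated Server URL value, which parses each entry and probes it over TCP to confirm that more than one listed LDAP server is actually reachable. The function names and the in-order "first usable" selection are this example's assumptions; the hostnames are the placeholders from the answer above.

```python
import socket
from urllib.parse import urlsplit

DEFAULT_PORTS = {"ldap": 389, "ldaps": 636}  # standard LDAP / LDAPS ports


def parse_server_urls(field):
    """Split a space-separated Server URL value into (scheme, host, port) tuples."""
    servers = []
    for raw in field.split():
        url = urlsplit(raw)
        if url.scheme not in DEFAULT_PORTS or not url.hostname:
            raise ValueError(f"not an LDAP URL: {raw!r}")
        port = url.port or DEFAULT_PORTS[url.scheme]
        servers.append((url.scheme, url.hostname, port))
    return servers


def tcp_probe(host, port, timeout=3.0):
    """Return True if a TCP connection to host:port succeeds."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


def check_redundancy(field, probe=tcp_probe):
    """Probe every listed server and report whether a fallback really exists."""
    servers = parse_server_urls(field)
    up = [f"{s}://{h}:{p}" for s, h, p in servers if probe(h, p)]
    return {
        "configured": len(servers),
        "reachable": up,
        # Assumption of this example: entries are tried in the order listed.
        "first_usable": up[0] if up else None,
        # Redundant only if at least two listed servers answer right now.
        "redundant": len(up) >= 2,
    }


if __name__ == "__main__":
    # Value from the answer above; the hostnames are documentation placeholders.
    field = "ldap://ldap1.abc.com ldap://ldap2.abc.com ldap://ldap3.abc.com"
    print(check_redundancy(field))
```

A result with `configured` greater than one but `redundant` false means the extra URLs are listed but would not help if the primary Windows server went down.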
