NAC Appliance and LDAP Lookup

Answered Question

Hello,


I have two CAMs in HA and two CASs in HA.

I configured LDAP Lookup to create rules for role allocation.

In this configuration there is only one Windows server used to find the user properties.

There is a problem when this Windows server is down. Is there any configuration to mitigate this when the server is not there?


Thank you all.

flitcraft33 Wed, 10/29/2008 - 15:16

I believe that in version 4.5.0 you can add more than one LDAP lookup server. Of course, to get to 4.5.0 you must be running on the "appliance" hardware, according to Cisco.

Correct Answer
Daniel Laden Sat, 11/08/2008 - 10:29
User Badges: Cisco Employee

The LDAP lookup server configs state it uses the LDAP Authentication Provider. The LDAP Authentication Provider says you can have multiple entries in the single field.


LDAP

http://www.cisco.com/en/US/docs/security/nac/appliance/configuration_guide/413/cam/m_auth.html#wp1158614


You can add redundancy for LDAP Authentication servers by entering multiple LDAP URLs in the Server URL field separated by a space, for example:

ldap://ldap1.abc.com ldap://ldap2.abc.com ldap://ldap3.abc.com
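
A check for the space-separated Server URL value described in the answer above, as an added example that is not part of the original thread or of Cisco's documentation: it validates each entry and tests whether the LDAP port answers from the machine it runs on. The function names and the TCP-connect probe are assumptions of this example; it does not reproduce how the appliance itself fails over between entries.

```python
import socket
from urllib.parse import urlsplit

DEFAULT_PORTS = {"ldap": 389, "ldaps": 636}  # standard LDAP / LDAP-over-TLS ports

def parse_server_urls(field):
    """Split a space-separated Server URL value into (url, host, port) tuples."""
    servers = []
    for url in field.split():
        parts = urlsplit(url)
        if parts.scheme not in DEFAULT_PORTS or not parts.hostname:
            raise ValueError(f"not an LDAP URL: {url!r}")
        servers.append((url, parts.hostname, parts.port or DEFAULT_PORTS[parts.scheme]))
    return servers

def is_listening(host, port, timeout=3.0):
    """True if a TCP connection succeeds; this proves the port is open, not that a bind works."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

def check_field(field, probe=is_listening):
    """Return [(url, reachable)] for every entry, in the order listed in the field."""
    return [(url, probe(host, port)) for url, host, port in parse_server_urls(field)]

def has_redundancy(results):
    """The lookup survives one server outage only if at least two entries answer."""
    return sum(1 for _, ok in results if ok) >= 2

if __name__ == "__main__":
    # Example value quoted in the answer; the abc.com hosts are the documentation's placeholders.
    field = "ldap://ldap1.abc.com ldap://ldap2.abc.com ldap://ldap3.abc.com"
    results = check_field(field)
    for url, ok in results:
        print(f"{url:30} {'reachable' if ok else 'UNREACHABLE'}")
    print("redundant" if has_redundancy(results) else "NOT redundant: fewer than two servers answer")
```

Run it from a host on the same network segment as the CAM so the result reflects the path the lookup traffic takes.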
