VPN Question - RADIUS (MS IAS) to LDAP Authentication

Unanswered Question
Nov 4th, 2008
User Badges:

When I was using RADIUS (MS IAS) people who would type "domain\username" or "username" would be authenticated correctly. Now I have switched to LDAP and when users type "domain\username" it no longer works. I think I understand why this doesn't work, due to the way LDAP looks up users in the directory. My question is....is there anyway to strip that from the username? I have seen the "strip-realm" and "strip-group" commands, but I dont think those apply in this case. Does anybody have any insight into this? Why would "domain\username" work for RADIUS? Thanks!

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
mchin345 Mon, 11/10/2008 - 08:52
User Badges:
  • Silver, 250 points or more

Before you are going to select the group you have create VPN tunnel, Then you select choose server group.

"strip-realm" and "strip-group" commands states to select the server group which you configured early.

1. Attribute names and values are case sensitive.

2. If you do not know the exact attribute names or spellings that are provided by the LDAP server, it can be helpful to examine the debugs before you create the map.

For further information click this link.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a008060f261.shtml#steps


Actions

This Discussion