03-25-2009 01:28 AM
Hi All,
I'm very confused and need your intervention for the same.
I have deployed ASA SSL VPN with ver 8.0. The problem I'm facing is the multiple domain search, i.e. we have 2 different ADs in different domains. For example, one in the abc.com domain and the other in the xyz.com domain.
I have created one LDAP AAA group to which I have added the 2 ADs. My concern is whether a user coming from his domain will be automatically authenticated by his particular domain or not. In one of the Cisco documents I saw this:
The ASA currently does not support the LDAP referral mechanism for multi-domain searches (Cisco bug ID CSCsj32153). Multi-domain searches are supported with the AD in Global Catalog Server mode. In order to perform multi-domain searches, set up the AD server for Global Catalog Server mode, usually with these key parameters for the LDAP server entry in the ASA. The key is to use an ldap-name-attribute that must be unique across the directory tree.
server-port 3268
ldap-scope subtree
ldap-naming-attribute userPrincipalName
What I'm not able to understand is whether this is for search in a single domain with multiple ADs, i.e. a backup AD, or for ADs in different domains.
Also, do I need to create 2 different LDAP groups to make it work, or will using 2 ADs in the same group work?
Thanks in advance for any solution.
Piyush
03-29-2009 08:24 AM
Still no reply?
04-20-2009 11:07 PM
Has anybody ever done this before?
09-20-2010 04:43 AM
Piyush,
Did you get this working, I'm having the same issue with one of my customers and wanted to see if you got it working.
Thanks,
Vikas