I am trying to finalize testing on using LDAP to authenticate as opposed to using the Cisco ACS agent.
I am obvioulsy not an LDAP guru so some of the attributes make no sense.
How does one determine what goes in these fields: Is it an actual name or a predefined field such as "cn" or "memberof"
User Directory Subtree
Group Directory Subtree
Group Attribute Name
my second issue is, we have certain personnel assigned to certain groups. If I am assigned to ACSauth and someone else is assigned to otherAuth group, do I need two different entries in the LDAP for this? How do I make sure that both have authentication privileges?