user account for ldap authentication

Unanswered Question
Jan 25th, 2010

Hi all,

I have a plan to deploy SSL VPN with LDAP authentication on ASA 8.2.

Our LDAP server is MS Active Directory.

I have a question about the ID which is configured with the following command.



Currently I use a user account with domain admin privilege and it works fine.

But from the security perspective, I want to use an account with least privilege.

Does anyone know exactly what privilege this user should have to make it work?

Thanks in advance,


ScottKirkland Tue, 01/26/2010 - 17:22

I am interested in this also.

Can you tell me what commands are used to set up this authentication?

slmansfield Wed, 01/27/2010 - 06:42

Here is a recently posted URL that I believe explains what you are asking.;f=10;t=002627

Also, there is a reference in this URL to the new ASA All-in-one reference book.  It appears this subject is covered in chapter 19.

  • Cisco ASA: All-in-One Firewall, IPS, Anti-X, and VPN Adaptive Security Appliance, Second Edition

  • By: Jazib Frahim - CCIE No. 5459; Omar Santos

  • Publisher: Cisco Press

  • Pub. Date: December 29, 2009

  • Print ISBN-10: 1-58705-819-7

HTH

