user account for ldap authentication

Jan 25th, 2010

Hi all,


I have a plan to deploy SSL VPN with LDAP authentication on ASA 8.2.

Our LDAP server is MS Active Directory.


I have a question about the ID which is configured with the following commands.


ldap-login-dn

ldap-login-password


Currently I use a user account with domain admin privilege and it works fine.

But from the security perspective, I want to use an account with least privilege.


Does anyone know exactly what privilege this user should have to make it work?


Thanks in advance,


Taro

ScottKirkland Tue, 01/26/2010 - 17:22

I am interested in this also.


Can you tell me what commands are used to set up this authentication?

slmansfield Wed, 01/27/2010 - 06:42

Here is a recently posted URL that I believe explains what you are asking.


http://www.securityie.com/cgi-bin/ultimatebb.cgi?ubb=get_topic;f=10;t=002627


Also, there is a reference in this URL to the new ASA All-in-one reference book.  It appears this subject is covered in chapter 19.


  • Cisco ASA: All-in-One Firewall, IPS, Anti-X, and VPN Adaptive Security Appliance, Second Edition

  • By: Jazib Frahim - CCIE No. 5459; Omar Santos

  • Publisher: Cisco Press

  • Pub. Date: December 29, 2009

  • Print ISBN-10: 1-58705-819-7


HTH