06-22-2012 06:39 AM
Hello,
I'm running VPN SSL on an asa 5520 (V8.2.5) with LDAP authentication and everything works fine but now the AD people changed name in the groups and they added a " " "blank" in one of the fields so when I configured the group I get an error.
for example:
this works:
map-value memberOf CN=VPN_SSL_ABC,OU=External,OU=XXX,DC=ext,DC=local ABCPolicy
but this does not:
map-value memberOf CN=VPN_SSL_ABC,OU=External Group,OU=XXX,DC=ext,DC=local ABCPolicy
Is there any way to insert a space in the OU field?
thanks in advance
Giovanni
Solved! Go to Solution.
06-22-2012 07:25 AM
Yes, just put quotes for the memberOf attribute as follows:
map-value memberOf "CN=VPN_SSL_ABC,OU=External Group,OU=XXX,DC=ext,DC=local" ABCPolicy
06-22-2012 07:25 AM
Yes, just put quotes for the memberOf attribute as follows:
map-value memberOf "CN=VPN_SSL_ABC,OU=External Group,OU=XXX,DC=ext,DC=local" ABCPolicy
06-22-2012 07:45 AM
Further to Jennifer post, I would like to add that quotes actually represent the distinguish name as single entity.
LDAP Authentication to Assign a Group Policy at Login
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00808d1a7c.shtml
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide