×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

prime 2.0 active directory integration

Unanswered Question
Mar 30th, 2014
User Badges:

Hi Everyone, in the Prime Infrastructure 2.0 user guide, page 21-7, is says that Prime can integrate with Active Directory via LDAP to get user information, and display it in the 360 view. I can't find it anywhere in PI, or any further mention in the doco. Is it possible, or is the doco preemting features that come in a later release of PI?

Thanks heaps.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
Loading.
Marvin Rhoads Sun, 03/30/2014 - 18:44
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,
  • Cisco Designated VIP,

    2017 Firewalling, Network Management, VPN

As far as I know, you need BOTH the ISE and LDAP mentioned on that page to display end user attributes associated with an endpoint. I've done this for one customer where the ISE was a data source and ISE was in turn using LDAP as the authentication store. In that case, we could see end user info in the relevant Prime Infrastructure displays (360 view and others).

I've not had an opportunity to try it for a wireless environment where the controller uses LDAP authentication directly (no ISE).

Glenn Kerr Sun, 03/30/2014 - 19:18
User Badges:

Hi Marvin, thanks for the reply. We're in a bit of a different scenario, but I think you answered the question anyway. Sounds like PI doesn't have the Active Directory integration, it only happens if ISE can pull the information, and PI then leverages off that.

Our ISE is joined to the AD, doesn't have it as an LDAP source. Still early days in our deployment so I know where to start looking. Thanks again.

Marvin Rhoads Mon, 03/31/2014 - 06:19
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,
  • Cisco Designated VIP,

    2017 Firewalling, Network Management, VPN

You're welcome.

Please rate it if it helped or mark as answered.

Good luck.

Glenn Kerr Mon, 03/31/2014 - 16:25
User Badges:

If anyone is interested, got a email back from a wise Cisco SE, which says that if the WLC uses LDAP for auth, then it will populate the user info in the 360 view.

Also, the PI Server itself only currently supports LDAP as authentication via the AAA server feature, but this doesn't relate to the info displayed in the 360 view

Actions

This Discussion