Cisco Support Community
New Member

Problems with ext DB - LDAP to AD server

Hi,

We are running a Windows Server 2003 server with LDAP (functioning properly). I'm trying to get my ACS to authenticate via this server. I can see from Event Viewer on the Windows server that requests are going through fine, but under Reports & Activity it says that "external user not found". Here are the settings that I have specified (I've tried tonnes of different options but none seem to work).

Any help would be greatly appreciated.

User Directory Subtree - OU=STAFF,OU=XXXXXX,OU=CIT,DC=XXXXXX,DC=ie

Group Directory Subtree - CN=Users,DC=XXXXXXX,DC=ie

UserObjectType - sAMAccountName

UserObjectClass - ObjectClass

GroupObjectType - sAMAccountName

GroupObjectClass - ObjectClass

Group Attribute Name - Member

2 REPLIES
Silver

Re: Problems with ext DB - LDAP to AD server

Do you see any error messages from the LDAP server on the ACS? Make sure the LDAP ports (TCP/389 or TCP/636 if using SSL) are not blocked by any device (firewall) between LDAP server and ACS.

New Member

Re: Problems with ext DB - LDAP to AD server

The error is in UserObjectClass. It should be person.

Best way to correct the settings is to use an LDAP browser like Softerra and connect to AD. Check the identifiers used and put them in ACS.
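
An added illustration, not part of the thread, of how the UserObjectClass value decides whether a lookup finds anyone. It assumes the class and naming-attribute settings are combined into a filter of the form `(&(objectClass=<class>)(<type>=<username>))`; the directory entries, DNs and function names are constructed for the example.

```python
def escape_filter_value(value):
    """Escape a value for use inside an LDAP search filter (RFC 4515)."""
    out = []
    for ch in value:
        if ch in '\\*()\x00':
            out.append('\\%02x' % ord(ch))
        else:
            out.append(ch)
    return ''.join(out)


def build_user_filter(object_class, object_type, username):
    # Assumed filter shape: object class ANDed with the naming attribute.
    return '(&(objectClass=%s)(%s=%s))' % (
        escape_filter_value(object_class), object_type,
        escape_filter_value(username))


def matches(entry, object_class, object_type, username):
    """Apply the same AND-of-equalities to one entry, case-insensitively."""
    attrs = {k.lower(): [v.lower() for v in vals] for k, vals in entry.items()}
    return (object_class.lower() in attrs.get('objectclass', [])
            and username.lower() in attrs.get(object_type.lower(), []))


# Constructed entries shaped like an AD user and an AD group.
DIRECTORY = [
    {'dn': ['CN=Jane Doe,OU=STAFF,DC=example,DC=ie'],
     'objectClass': ['top', 'person', 'organizationalPerson', 'user'],
     'sAMAccountName': ['jdoe']},
    {'dn': ['CN=Staff,CN=Users,DC=example,DC=ie'],
     'objectClass': ['top', 'group'],
     'sAMAccountName': ['Staff']},
]


def find_users(object_class, object_type, username):
    """Return the DNs of every entry the class/attribute pair matches."""
    return [e['dn'][0] for e in DIRECTORY
            if matches(e, object_class, object_type, username)]


if __name__ == '__main__':
    for cls in ('ObjectClass', 'person'):
        print(build_user_filter(cls, 'sAMAccountName', 'jdoe'),
              '->', find_users(cls, 'sAMAccountName', 'jdoe'))
```

The same filter string can be pasted into an LDAP browser's search box against the real directory to confirm which class and attribute values return the expected account.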
