Hi, we have Cisco ACS 3.3. We use it to authenticate VPN users created locally in ACS, and all works fine.
The problems start when ACS must authenticate VPN users from an external LDAP database.
When an LDAP user tries to log in via VPN, he gets: LOGIN FAILED.
In the ACS log we have this entry:
01/30/2006---16:03:08---Authen failed testspec---External DB user invalid or bad password
This is the LDAP configuration:
User Directory Subtree: ou=Users,ou=medicina,dc=univr,dc=it
Group Directory Subtree: ou=medicina,dc=univr,dc=it
UserObjectType: uid
UserObjectClass: posixAccount
GroupObjectType: cn
GroupObjectClass: posixGroup
Group Attribute Name: memberUid
With this configuration, from ACS we can map a group from LDAP to an ACS group, but when we open this ACS group no users are present. Is this normal?
Can you help us?
Many thanks
UniVR NOC