Once again seems I am the first one to use a new product. I have a CE565 that I am trying to get to work with MS LDAP. Anyone had any luck doing this? Cisco TAC is having difficult time tracing down problem.
LDAP Authentication is enabled
Allow mode: disabled
Base DN: DC=domain,DC=com
Timeout: 5 seconds
UID Attribute: uid
Group Attribute: memberOf
Administrative DN: <none>
Administrative Password: <none>
LDAP version: 3
LDAP port: 389
ce565#debug authe http
Apr 24 22:44:56 ce565 http_authmod: pam_sm_authenticate:2498 ***pam_ldap: Begin
There could be a problem with the LDAP server. If possible try a different server. You may want to reconfigure the CE again in case there is something that did not get configured correctly the first time.
I got it working. I did 2 things. One, I rebuilt the the server to make sure Active Directory was working correctly. Two, I changed the DC=domain to be dc=domain. I havent had a chance to test which one actually fixed it, but here it the config that I am using.
I managed to get the LDAP authentication working however... It only accepts the cn and password.
ie: My username is peter and my cn is peter jones, so I can`t log in with peter, I have to use peter jones. And the issue arises when smartfilter doesn`t seem to accept a space in the username so the user gets pased to the default policy. I need to get the authentication working with the normal username in order for smartfilter to work correctly. Any ideas?
Topology & Design:
Two ACI fabrics
Stretching VLANs using OTV
Both fabrics are advertising BD subnets into same routing domain
Some BDs(or say VLANs) are stretched, but some are not.
Endpoints can move betwee...
VMware Trunk Port Group is supported from ACI version 2.1
VMM integration must be configured properly
ASA device package must be uploaded to APIC
ASAv version must be compatible with ACI and device package version
Topology &Design:Traffic flow within same fabric:Endpoint moves to Fabric-2Bounce Entry Times OutTraffic Black-holedSummarySolutionAppendix:
In the Previous articles of ACI Automation, we are using Postman/Newman a...