I am testing "Identity Options" with IDFW Step by Step configuraiton.
I could finish installing and configuring AD agent and Identity options but I could not get an authenciation from a domain controller.
I can find my name in the domain controller but when I try to get an authentication from the DC, ASA says "Authentication Rejected: User was not found". When I configured the domain controller as AAA server with protocol "NT Domain" under Device Manangement > Users/AAA > AAA server Groups and ran "Test" button, I could get my account authenticated by the domain controller.
Could you guys please give me some tips how to break this problem?
Here is how I did a test.
Test_ASA# test aaa-server authentication AD1 username richard password cisco123 Server IP Address or name: 192.168.1.1 INFO: Attempting Authentication test to IP address <192.168.1.1> (timeout: 12 seconds)
 Session Start  New request Session, context 0x76821678, reqType = Authentication  Fiber started  Creating LDAP context with uri=ldaps://192.168.1.1:636  Connect to LDAP server: ldaps://192.168.1.1:636, status = Successful  supportedLDAPVersion: value = 3  supportedLDAPVersion: value = 2  Binding as administrator  Performing Simple authentication for administrator to 192.168.1.1  LDAP Search: Base DN = [DC=sulu, DC=local] Filter = [sAMAccountName=richard] Scope = [ONE LEVEL]  User richard not found  Fiber exit Tx=250 bytes Rx=750 bytes, status=-1  Session End ERROR: Authentication Rejected: User was not found
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :