08-20-2007 10:45 AM
=======================================
LMS 2.6
CiscoWorks Common Services 3.0.5
Campus Manager 4.0.9
CiscoView 6.1.5
Device Fault Manager 2.0.9
Internetwork Performance Monitor 2.6.0
Integration Utility 1.6.0
Resource Manager Essentials 4.0.5
=======================================
Selected Login Module: MS Active Directory
Server: ldap://server.company.com
Usersroot: ou=Technical Services, ou=Information Technology, dc=company, dc=com
Prefix: cn=
=======================================
Users created in AD with a first name and last name have a "cn=first<space>last" and the actual logon credentials are stored in "sAMAccountName=loginID". This presents a problem when a LDAP querry is passed from CiscoWorks LMS. When attempting to authenticate CiscoWorks LMS users against Microsoft Active Directory / LDAP, login credentials must be "first<space>last" rather than actual loginID. Desired configuration would be to reference SAMAccountName (loginID) rather than CN. I see CCO references to SAMAccountName under Unified Messaging and NAC documentation. But nothing under CiscoWorks documentation. Is this possible?
08-20-2007 11:34 AM
If I understand you correctly, why not change the prefix from cn= to SAMAccountName= ?
08-20-2007 11:41 AM
You understand correctly. Though I tried changing the prefix to sAMAccountName= and it doesn't work.
08-20-2007 11:43 AM
Do you have anonymous bind enabled on the AD server? That is required to use SAMAccountName.
08-20-2007 01:39 PM
Nope, anonymous bind is not enabled. That's the source of my problem. Unfortunately, policy won't permit me to enable it either. I guess ACS appliance is the longer-term fix. In the meantime, I can change the user requiring this access. Thanks for your assistance.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide