Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

How do I get LMS 2.6 to use Active Directory??

We used to use ACS 3.1 to authenticate. But since we updated to ACS 4.1 and https was enabled we have been unable to authenticate that way. LMS 2.6 has issues authenticaing via https, per the TAC case. So I was wondering if LMS 2.6 could use Active Directory to authenticate or is there another way to authenticate.

Thank You,

Carmen

1 REPLY

Re: How do I get LMS 2.6 to use Active Directory??

Yes, you can use AD to authenticate using for instance RADIUS and the Microsoft IAS (Internet Authentication Server) which is built into Windows.

Go to Common Services -> Server -> Security -> AAA Mode Setup

Set it to Non-ACS and in the Available Login Modules screen, select RADIUS.

Click Change and fill in the details of the RADIUS server you intend to use (a domain controller for instance). The default port 1645 mentioned is also the default port that IAS uses.

Make sure that you add the LMS server as a RADIUS client in IAS, and make sure to add the needed RADIUS policies to allow the proper people to get authenticated from the LMS server.

There is a catch however. Since RADIUS can only do authentication and no authorization, you still need to configure all your users as local users in LMS as well to get their authorisation sorted.

The thing you do gain by using RADIUS is using your AD password for all your users.

193
Views
0
Helpful
1
Replies
CreatePlease to create content