Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

LMS 3.0 MS active directory

dear all,

I just installed a LMS3.0 using MS AD(2003) for authentication. it seems to me that everyone in the AD is athenticated rather than a group in that AD as we expected.

our AD structure is :

hola.nssnet.net

|->group1

. |-> subscrisber

. |-> groups2

. |->admin

I setup on LMS3.0 like this:

server; ldap://x.x.x.x

useroot: cn=admin, cn=group2, cn=subscribers, cn=group1, dc=hola, dc=nssnet, dc=net

RDN-Prefix:

is there anyway that we allow only users in group "admin" to access LMS rather than everyone in AD?

thanks,

tao

1 REPLY
Cisco Employee

Re: LMS 3.0 MS active directory

Anyone who successfully authenticates against the login module (AD in this case) will be allowed to access LMS. Their degree of access will depend on the roles you have assigned them. If they do not have a local account in LMS, then they will get Help Desk privileges. The only way to prevent this is to integrate LMS with ACS, and integrate that ACS server with AD. In that way, ACS will be stricter in who it allows to access LMS.

279
Views
0
Helpful
1
Replies