Cisco Support Community
Community Member

LMS and AD login module

I am setting up an LMS system and we would like to use LDAP authentication with an existing MS 2003 AD system.

The setup on AD has anonymous bind disabled, and it is not going to be changed to allow anonymous either.

The users I want to authenticate are scattered through about 4 to 5 different OU structures.

As I understand it, without anonymous bind, I have to specify the exact OU structure where all the users reside. I cant do that as there are multiple OU structures, so it appears that I cant use the MS Active Directory Login Module.

I have an AD user name and password which I can use to query LDAP, but I cant see anywhere where I can enter this in CiscoWorks.

Is there somewhere where a username/password can be added for this purpose?

Cisco Employee

Re: LMS and AD login module

Unfortunately, this is not possible. If anonymous bind is disabled, then all CiscoWorks users must have the same DN base. In this way, the authentication is performed by simply binding to the directory as that user using her DN.

You should consider talking to your account team to open a Product Enhancement Request for allowing a master bind user in addition to anonymous bind.

Community Member

Re: LMS and AD login module


you describe exactly our situation. It would be great if this would be possible in future releases as i doubt that many companies would allow anonymous binds on they ldap infrastructure.

CreatePlease to create content