ACS 3.0 LDAP authentication to a Lotus Notes Server
I have 2 ACS 3.0 servers configured to authenticate to a Lotus Notes LDAP server. Both are configured the same. Using radtest to check with a known account, I fail from one but not the other. Using unknown user to LDAP and both LDAP configurations using same object types and descriptions.
Re: ACS 3.0 LDAP authentication to a Lotus Notes Server
Have you configured BOTH the ACS to back-end with BOTH the LDAP servers? If yes, then the LDAP server listed first is the one where you are getting authenticated successfully.
The reason is that when an authentication request is sent to the first LDAP server (assuming the user is in the 2nd LDAP server), the 1st LDAP server replied with a FAIL message back to ACS, and the ACS fails this attempt. ACS will not send this request to the 2nd LDAP server, because the reply back from the 1st LDAP was FAIL and not an ERROR. The 2nd LDAP server will only be contacted if the 1st LDAP server is not responding.
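
The failover rule described in the reply above, as an added Python model that is not part of the original thread and is not Cisco's code: the secondary LDAP server is consulted only when the primary returns ERROR (no response), never after a FAIL. The class and function names, server names and accounts are hypothetical and constructed for illustration; no network traffic is generated.

```python
from enum import Enum

class Result(Enum):
    ACCEPT = "accept"   # server answered: credentials valid
    FAIL = "fail"       # server answered: unknown user or bad password
    ERROR = "error"     # server did not respond

class LdapServer:
    """Constructed stand-in for one LDAP back end (no network I/O)."""
    def __init__(self, name, users, up=True):
        self.name, self.users, self.up = name, users, up

    def authenticate(self, user, password):
        if not self.up:
            return Result.ERROR
        if user in self.users and self.users[user] == password:
            return Result.ACCEPT
        return Result.FAIL

def acs_authenticate(servers, user, password):
    """Try servers in configured order; fail over only on ERROR.

    Returns (final result, names of the servers contacted)."""
    contacted = []
    for server in servers:
        contacted.append(server.name)
        result = server.authenticate(user, password)
        if result is not Result.ERROR:
            return result, contacted   # ACCEPT or FAIL is definitive
    return Result.ERROR, contacted     # every server was unreachable

def demo():
    # Constructed directories: alice exists only on ldap1, bob only on ldap2.
    primary = LdapServer("ldap1", {"alice": "pw-a"})
    secondary = LdapServer("ldap2", {"bob": "pw-b"})
    order = [primary, secondary]
    out = {"alice": acs_authenticate(order, "alice", "pw-a"),
           "bob_primary_up": acs_authenticate(order, "bob", "pw-b")}
    primary.up = False                 # simulate the primary not responding
    out["bob_primary_down"] = acs_authenticate(order, "bob", "pw-b")
    return out

if __name__ == "__main__":
    for case, (result, contacted) in demo().items():
        print(f"{case}: {result.value} via {contacted}")
```

In this model the same valid credentials for bob are rejected while the primary is up and accepted only when it is down, which is the pattern to look for when one account authenticates inconsistently across a primary/secondary LDAP pair.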