Cisco Support Community

ldap_naming_attribute on LDAP query

Hi

I have an ASA5510 authenticating remote users against a Microsoft Windows 2003 Server via LDAP. I have all of this working, however I was wondering if there was any way of specifying more than one LDAP Naming Attribute.

My current config looks like:

    aaa-server LDAP protocol ldap
    aaa-server LDAP host 192.168.0.237
     server-port 636
     ldap-base-dn ou=Users,dc=somecompany,dc=com
     ldap-scope subtree
     ldap-naming-attribute cn
     ldap-login-password <password>
     ldap-login-dn Netdom\Administrator
     ldap-over-ssl enable
     server-type microsoft

The help seems to imply that I can specify more than one attribute on the "ldap-naming-attribute" statement, however if I try to use various separators (including commas), then I can no longer authenticate.

e.g.

ldap-naming-attribute cn,mail

If I use the individual attributes on their own, each works fine.

Any pointers gratefully received.

Barry


Re: ldap_naming_attribute on LDAP query

I am not aware if multiple ldap naming attributes can be combined. Not sure how this works.

Also, I do not see any configuration lines for "aaa-server key". Is this not mandatory for ldap?
