Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

How to configure LDAP mapping for the Microsoft Windows Active Directory on the Cisco Clean Access Manager


In order to configure Lightweight Directory Access Protocol (LDAP) mapping for Microsoft Windows Active Directory (AD) users, complete these steps:

  1. On Cisco Clean Access Manager choose User management > Auth Servers > Mapping Rules. Choose the role to which the user is mapped.

  2. Choose Attribute as the condition type.

  3. Choose Contains as the operator type.

  4. Choose memberOf as the attribute name. This example uses the memberOf attribute from the AD. Any attribute that LDAP supports can be used here.

  5. If the user is a member of the Administrators group, use the Administrator value. This searches for the Administrator string in the memberOf attribute value.

  6. Click Add condition. The conditions display. It is possible to use compounded statements and form multiple conditions.

  7. After attribute mappings are entered, click Add mapping.

  8. Choose User management > Auth Servers > Auth Test. Perform an Auth test to confirm that the appropriate role is assigned to the user.

Third Party Software

Windows Active Directory

Protocol / Ports


Version history
Revision #:
1 of 1
Last update:
‎06-17-2009 10:11 PM
Updated by:
Labels (1)