I've done some reading and it looks like it is possible to configure a cisco switch to use LDAP authentication but I'm struggling on what to do next. I rather not use RADIUS or tacacs+ as they both require additional configuration on the LDAP server. Am I correct that IOS can just use LDAP?
I've been using this guide, but can only seem to get halfway there.
I'm using Version 15.0(2)SE6 on a 3750X ip based switch and my LDAP server is a Windows 2008 R2 box. Here is what i have so far:
aaa new-model ! ! aaa group server ldap DOMAIN server mydomain.com
ldap attribute-map NetworkAdmins ! ldap server mydomain.com ipv4 10.0.1.10 transport port 636 bind authenticate root-dn "cn=ldap_svc,ou=service accounts,out=users,ou=mydomain.com,dc=mydomain,dc=com" password 7 PASSWORD base-dn ou=users,ou=mydomain.com,dc=mydomain,dc=com mode secure authentication bind-first authentication compare
If I’m understanding this correctly I have to configure an ldap server, then tell aaa to use that ldap server. I think I need to configure an ldap attribute-map but cant figure out the syntax. How do I tell it to use a specific group and how to I configure ssh or the console to use ldap?
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...