I'm trying to set up LDAP authentication for our MDS 9509s running 5.2(2) without success. I followed the "Sec Version 5" document. When I try to log in and run "Debug ldap all" (on another session) to capture what is happening, I get success for most of the steps except for "ldap_pss_move2key", with the error "no such pss key". I did set up a private key before the step "aaa authorization ssh-publickey default group", as the documentation didn't mention to create one, but surely it won't work without a public key.
Another thing: how does the role mapping work? Does everybody who logs in get default rights?
I tested in my lab and am trying to get SSL working for LDAP. I was able to pass the role back as part of the login process. In my example, I used the LDAP field called 'departement', and in that field on the AD server for the authenticating account, I put the text in as 'network-admin' (minus the quotes).