Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

C240 AD Integration

We currently have all of our FIs integrated with MS AD and I would like to do the same for the C-Series servers. I have a question regarding the "Attribute" field under "Search Parameters". It has by default "CiscoAvPair" what is this suppose to be?

 

Thanks

Everyone's tags (1)
4 REPLIES
Cisco Employee

Hello,The "CiscoAvPair"

Hello,

The "CiscoAvPair" attribute can be used to expand an existing schema in the ldap configuration on the side of AD. Please see the following:

http://www.cisco.com/c/en/us/support/docs/servers-unified-computing/ucs-central-software/115983-ucs-central-ldap-authenticate-00.html#addattributes


http://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/sw/gui/config/guide/2-0/b_UCSM_GUI_Configuration_Guide_2_0/b_UCSM_GUI_Configuration_Guide_2_0_chapter_0111.html#concept_FAA777771F5D4F14A82A479CED0D4AF4

In the second link, you'll notice that it is optional for LDAP configurations within the UCS.

Regards,

-Gabriel

Community Member

We are using Microsoft AD and

We are using Microsoft AD and it works like a charm for UCSM and I am now trying to integrate the same config into some standalone C-Series servers.

 

So, the "CiscoAvPair" attribute will need to be added to use MS AD for the C-Series?

 

Thanks

Cisco Employee

It is not a necessary step,

It is not a necessary step, but you can do so if you choose. From the following:

http://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/c/sw/cli/config/guide/1-0_1x/b_Cisco_CIMC_C250_CLI_Configuration_Guide/Cisco_CIMC_C250_CLI_Configuration_Guide_chapter6.html#task_10637AC91E1C4F55ABEC112C91AD29EA

 

The CIMC can be configured to use Active Directory for user authentication and authorization. To use Active Directory, configure users with an attribute that holds the user role and locale information for the CIMC. You can use an existing LDAP attribute that is mapped to the CIMC user roles and locales or you can modify the Active Directory schema to add a new custom attribute, such as the CiscoAVPair attribute, which has an attribute ID of 1.3.6.1.4.1.9.287247.1. For more information about altering the Active Directory schema, see the article at http://technet.microsoft.com/en-us/library/bb727064.aspx.

 

Regards,

-Gabriel

Community Member

I get all of that, ok most of

I get all of that, ok most of it....... We are not creating a new CiscoAVPair attribute. So what value will go into Search Parameters --> Attribute so we can utilize our current AD schema?

 

Thanks

104
Views
0
Helpful
4
Replies
CreatePlease to create content