ASA5500 OpenLDAP AAA Server

Discussion in 'Cisco' started by nobody@comcast.net, Jun 29, 2006.

  1. Guest

    Has anyone had success having an ASA 5500 use an openLDAP server as an
    aaa-server? I've read what I could, all of it relating to
    ActiveDirectory and have tried several configurations with no success.
    It seems suggested that it would work; when I run openLDAP in debug
    mode I see the connections and name lookups but the ASA always fails.

    The openLDAP server is currently servicing other applications just
    fine, apache, pam, and a couple of others. The problem must be with
    the ASA.

    What am I missing?

    Thanks
     
    , Jun 29, 2006
    #1

  2. Chad Mahoney Guest

    wrote:
    > Has anyone had success having an ASA 5500 use an openLDAP server as an
    > aaa-server? I've read what I could, all of it relating to
    > ActiveDirectory and have tried several configurations with no success.
    > It seems suggested that it would work; when I run openLDAP in debug
    > mode I see the connections and name lookups but the ASA always fails.
    >
    > The openLDAP server is currently servicing other applications just
    > fine, apache, pam, and a couple of others. The problem must be with
    > the ASA.
    >
    > What am I missing?
    >
    > Thanks


    What version of code are you running? I first *tried* to configure LDAP
    with code 7.11 and it just would not work, opened a TAC case and was
    told to jump to at least 7.12. Once I did that, the LDAP config to an
    Active Directory server went with no problems.

    Thanks...

    Chad
     
    Chad Mahoney, Jun 29, 2006
    #2

  3. Guest

    On 29 Jun 2006 14:11:29 -0700, "Chad Mahoney" <>
    wrote:

    >
    > wrote:
    >> Has anyone had success having an ASA 5500 use an openLDAP server as an
    >> aaa-server? I've read what I could, all of it relating to
    >> ActiveDirectory and have tried several configurations with no success.
    >> It seems suggested that it would work; when I run openLDAP in debug
    >> mode I see the connections and name lookups but the ASA always fails.
    >>
    >> The openLDAP server is currently servicing other applications just
    >> fine, apache, pam, and a couple of others. The problem must be with
    >> the ASA.
    >>
    >> What am I missing?
    >>
    >> Thanks

    >
    >What version of code are you running? I first *tried* to configure LDAP
    >with code 7.11 and it just would not work, opened a TAC case and was
    >told to jump to at least 7.12. Once I did that, the LDAP config to an
    >Active Directory server went with no problems.
    >
    >Thanks...
    >
    >Chad


    Thanks for the reply.

    My show ver begins as follows, I'm guessing I'm already on 7.12?

    Cisco Adaptive Security Appliance Software Version 7.1(2)
    Device Manager Version 5.1(2)

    Compiled on Tue 14-Mar-06 17:00 by dalecki
    System image file is "disk0:/asa712-k8.bin"
    Config file at boot was "startup-config"

    radasa up 2 days 7 hours

    Hardware: ASA5510, 256 MB RAM, CPU Pentium 4 Celeron 1600 MHz
    Internal ATA Compact Flash, 64MB
    BIOS Flash M50FW080 @ 0xffe00000, 1024KB


    When I test using the Java interface, and debug ldap and aaa, debug
    says authentication passed, it then gets user attributes, and the GUI
    says test failed. No additional debug information is provided, like
    what LDAP attribute it didn't find or the like.

    I can't find anything that would describe required ldap fields or at
    least required ldap attribute maps.
     
    , Jul 1, 2006
    #3
