Filter
Top Products
6-17
Configuration Guide for Cisco Secure ACS 4.2
OL-14390-02
Chapter 6 Agentless Host Support Configuration Scenario
Basic Configuration Steps for Agentless Host Support
For detailed information on this field, refer to the “LDAP Configuration Options” section in
Chapter 12 of the User Guide for Cisco Secure Access Control Server, “User Databases.”
–
Admin DN—The DN of the administrator; that is, the LDAP account which, if bound to,
permits searches for all required users under the User Directory Subtree. It must contain the
following information about your LDAP server:
uid=user id,[ou=organizational unit,][ou=next organizational unit]o=organization
where user id is the username, organizational unit is the last level of the tree, and
next organizational unit is the next level up the tree.
For example:
uid=joesmith,ou=members,ou=administrators,o=cisco
You can use anonymous credentials for the administrator username if the LDAP server is
configured to make the group name attribute visible in searches by anonymous credentials.
Otherwise, you must specify an administrator username that permits the group name attribute
to be visible to searches.
Note If the administrator username that you specify does not have permission to see the group name
attribute in searches, group mapping fails for users whom LDAP authenticates.
–
Password—The password for the administrator account that you specified in the Admin DN
box. The LDAP server determines case sensitivity.
b. If you want to set up LDAP server failback, then in the Secondary LDAP server section, specify
information to identify the failback LDAP server.
The options and text input boxes in the Secondary LDAP Server section are the same as the ones in
the Primary LDAP Server section.
Step 9 Click Submit.
Step 5: Configure User Groups for MAB Segments
During configuration of Network Access Profiles to enable agentless request processing, you will be
required to map devices that have specified MAC addresses to one of the default user groups that ACS
provides.