Cisco Systems OL-16647-01 Network Router User Manual


C-3
Cisco ASDM User Guide
OL-16647-01
Appendix C Configuring an External Server for Authorization and Authentication
Configuring an External LDAP Server
Figure C-1 Policy Enforcement Flow
Configuring an External LDAP Server
The VPN 3000 Concentrator and the ASA/PIX 7.0 required a Cisco LDAP schema for authorization
operations. Beginning with Version 7.1.x, the security appliance performs authentication and
authorization using the native LDAP schema, and the Cisco schema is no longer needed.
You configure authorization (permission policy) using an LDAP attribute map.
This section describes the structure, schema, and attributes of an LDAP server. It includes the following
topics:
Organizing the Security Appliance for LDAP Operations, page C-3
Defining the Security Appliance LDAP Configuration, page C-5
Additional Information for using ASDM to Configure LDAP, page C-14
The specific steps of these processes vary, depending on which type of LDAP server you are using.
Note For more information on the LDAP protocol, see RFCs 1777, 2251, and 2849.
Organizing the Security Appliance for LDAP Operations
This section describes how to perform searches within the LDAP hierarchy and how to perform
authenticated binding to the LDAP server on the security appliance. It includes the following topics:
Searching the Hierarchy, page C-4
Binding the Security Appliance to the LDAP Server, page C-5
Login DN Example for Active Directory, page C-5
[Figure C-1 labels: Dynamic Access Policy (DAP); User Attributes; Group Policy Attributes; Group Policy Attributes Associated with Connection Profile; System Default Group Policy Attributes]