
Cisco 3.3 User Manual


Chapter 13 User Databases

Generic LDAP


User Guide for Cisco Secure ACS for Windows Server

78-16592-01

For example, if the delimiter character is “@” and the username is
“jwiedman@domain”, then Cisco Secure ACS submits “jwiedman” to an
LDAP server.

Note: The X box cannot contain the following special characters:
# ? " * > <
Cisco Secure ACS does not allow these characters in usernames;
therefore, if any of these characters are in the X box, stripping fails.

Common LDAP Configuration—This table contains options that apply to
all LDAP authentication performed using this configuration. Cisco Secure
ACS uses the settings in this section regardless of whether the authentication
is handled by the primary or secondary LDAP server. This table contains the
following options:

User Directory Subtree—The distinguished name (DN) for the subtree
that contains all users. For example:

ou=organizational unit[,ou=next organizational unit]o=corporation.com

If the tree containing users is the base DN, type:

o=corporation.com

or

dc=corporation,dc=com

as applicable to your LDAP configuration. For more information, refer to
your LDAP database documentation.

Group Directory Subtree—The DN for the subtree that contains all
groups. For example:

ou=organizational unit[,ou=next organizational unit]o=corporation.com

If the tree containing groups is the base DN, type:

o=corporation.com

or

dc=corporation,dc=com

as applicable to your LDAP configuration. For more information, refer to
your LDAP database documentation.
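
The check below is an added example, not part of the Cisco guide or of Cisco Secure ACS: it shows which directory entries fall inside a value entered as User Directory Subtree or Group Directory Subtree, including the base-DN case. The sample DNs are constructed, the function names are hypothetical, and attribute values are compared case-insensitively as a simplifying assumption.

```python
# Added example: which entries fall inside a configured directory subtree.
# All DNs below are constructed sample data; function names are hypothetical.

def split_rdns(dn):
    """Split a DN on unescaped commas, keeping backslash escape pairs intact."""
    rdns, cur, i = [], "", 0
    while i < len(dn):
        if dn[i] == "\\" and i + 1 < len(dn):
            cur += dn[i:i + 2]
            i += 2
            continue
        if dn[i] == ",":
            rdns.append(cur)
            cur = ""
        else:
            cur += dn[i]
        i += 1
    return rdns + [cur]

def normalize(dn):
    """Return [(attr, value), ...]; assumption: case-insensitive comparison."""
    parts = []
    for rdn in split_rdns(dn):
        attr, sep, value = rdn.partition("=")
        if not sep or not attr.strip() or not value.strip():
            raise ValueError(f"malformed RDN {rdn!r} in DN {dn!r}")
        parts.append((attr.strip().lower(), value.strip().lower()))
    return parts

def in_subtree(entry_dn, subtree_dn):
    """True when entry_dn is the subtree root or sits anywhere beneath it."""
    entry, base = normalize(entry_dn), normalize(subtree_dn)
    return len(entry) >= len(base) and entry[-len(base):] == base

SAMPLE_ENTRIES = [
    "cn=jwiedman,ou=Employees,o=corporation.com",
    "cn=Smith\\, Jo,ou=Sales,ou=Employees,o=corporation.com",
    "cn=svc-backup,ou=Service Accounts,o=corporation.com",
    # Escaped comma: this entry sits directly under o=corporation.com,
    # although its text ends with the Employees subtree string.
    "cn=a\\,ou=Employees,o=corporation.com",
]

def in_scope(subtree_dn):
    """Sample entries a search rooted at subtree_dn could return."""
    return [dn for dn in SAMPLE_ENTRIES if in_subtree(dn, subtree_dn)]

if __name__ == "__main__":
    for subtree in ("ou=Employees,o=corporation.com", "o=corporation.com"):
        print(subtree, "->", in_scope(subtree))
```

With the base DN as the subtree, every sample entry is in scope, the service account included.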