Cisco 3.3 User Manual
Page 524
Chapter 13 User Databases
Generic LDAP
13-40
User Guide for Cisco Secure ACS for Windows Server
78-16592-01
For example, if the delimiter character is “@” and the username is
“jwiedman@domain”, then Cisco Secure ACS submits “jwiedman” to an
LDAP server.
Note
The X box cannot contain the following special characters:
# ? " * > <
Cisco Secure ACS does not allow these characters in usernames;
therefore, if any of these characters are in the X box, stripping fails.
•
Common LDAP Configuration—This table contains options that apply to
all LDAP authentication performed using this configuration. Cisco Secure
ACS uses the settings in this section regardless of whether the authentication
is handled by the primary or secondary LDAP server. This table contains the
following options:
–
User Directory Subtree—The distinguished name (DN) for the subtree
that contains all users. For example:
ou=
organizational unit
[,ou=
next organizational unit
]o=corporation.com
If the tree containing users is the base DN, type:
o=corporation.com
or
dc=corporation,dc=com
as applicable to your LDAP configuration. For more information, refer to
your LDAP database documentation.
–
Group Directory Subtree—The DN for the subtree that contains all
groups. For example:
ou=
organizational unit
[,ou=
next organizational unit
]o=corporation.com
If the tree containing groups is the base DN, type:
o=corporation.com
or
dc=corporation,dc=com
as applicable to your LDAP configuration. For more information, refer to
your LDAP database documentation.