I'm attempting to enable LDAP authentication for our PIX firewall. No problems there.
What I am having a problem with is limiting it to a certain OU in Active Directory.
I've followed these directions
Which allows the user in, but it also lets someone that isn't in the security group in too.
This article is closer to what I want to do.
But the way I'm attempting to get it to work is: if you're included in the memberOf, grant access; if not, then no access.
The second directions say to map this value
map-value msNPAllowDialin FALSE NOACCESS
But, I'm unsure what value mapped to
map-value memberOf (some ldap oU) NOACCESS
To make that value false.