We help IT Professionals succeed at work.
Get Started

Active Directory LDAP auth with DHCP reservation

1,283 Views
Last Modified: 2012-06-27
Hey experts, I wonder if any of you has done this before:  I want to use Cisco ASA's AAA feature to perform an LDAP query into active directory to authenticate ssl vpn clients, AnyConnect Essentials clients, to be exact.  That part is easy enough.

Can I also set a DHCP reservation in the active directory so that I can force connecting clients to always get the same IP address, can we push that out in an LDAP query?  I won't have the mac address of clients, mind you, and the DCs wouldn't see that information anyway.  If I can't do it using LDAP, can I do it using built in ISA RADIUS and MS Cert Svcs?  

Bear in mind, I'm setting up a separate domain just for this auth, I can set it up with server 2003 or 2008, I don't have to worry about interoperability with any other application or other function of windows server; no exchange, no local clients, no sql, no nothing.  

But dynamic dns and hostname resolution is not an option; queries to these connected hosts are going to be made using IP address, no way around it.  --TX
Comment
Watch Question
Principal Systems Administrator
Commented:
This problem has been solved!
Unlock 1 Answer and 3 Comments.
See Answer
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE