
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 431

Configuring ASA5505 to work with Win2K3 AD with LDAP lookup


I am working with another vendor to set up an ASA5505 to accept client VPN via LDAP to a Win2K3 SP2 Active Directory.  The Cisco vendor tells me that, to do this properly, we need to do a few things.
1.  Need an LDAP username in Account Operators AD group (to enable the password management feature)
2.  For password management, LDAP server must be configured for Secure LDAP (LDAP-S on port 636) or SASL MD5
3.  Fully qualified DN (all cn=, ou=, dc= fields) for the ASA username
4.  Fully qualified path to user container (all ou=,dc= fields)
    ASA will search for memberOf status of a group, so VPN users will need to be in a group, and I need that group name (again, fully qualified)

My question is, how to do item 2?  Never done it before.  Items 1, 3 and 4 are done.

Thanks in advance.
1 Solution
Ernie Beek commented:
