Configuring ASA5505 to work with Win2K3 AD with LDAP lookup

Last Modified: 2012-05-11

I am working with another vendor to set up an ASA5505 to accept client VPN via LDAP to a Win2K3 SP2 Active Directory.  The Cisco vendor tells me that, to do this properly, we need to do a few things.
1.  Need an LDAP username in Account Operators AD group (to enable the password management feature)
2.  For password management, LDAP server must be configured for Secure LDAP (LDAP-S on port 636) or SASL MD5
3.  Fully qualified DN (all cn=, ou=, dc= fields) for the ASA username
4.  Fully qualified path to user container (all ou=,dc= fields)
    ASA will search for memberOf status of a group, so VPN users will need to be in a group, and I need that group name (again, fully qualified)

My question is, how to do item 2?  Never done it before.  Items 1, 3 and 4 are done.

Thanks in advance.
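
The four items in the question map onto the ASA's LDAP AAA settings roughly as shown here. This is an added example, not part of the original question or the vendor's configuration; the server group name, interface, IP address, DNs, tunnel-group name and password are placeholders, and the memberOf group check from item 4 is not shown.

```cisco
! Added illustration; every name, address and DN below is a placeholder.
aaa-server AD_LDAP protocol ldap
aaa-server AD_LDAP (inside) host 192.0.2.10
 ! Item 2: Secure LDAP on TCP 636. The domain controller must present a
 ! server certificate for LDAPS to answer on this port.
 server-port 636
 ldap-over-ssl enable
 ! Item 2 alternative named in the question: SASL MD5 instead of LDAPS
 ! sasl-mechanism digest-md5
 server-type microsoft
 ! Item 4: fully qualified path to the container holding the VPN users
 ldap-base-dn OU=VPNUsers,DC=example,DC=local
 ldap-scope subtree
 ldap-naming-attribute sAMAccountName
 ! Items 1 and 3: fully qualified DN of the account the ASA binds as
 ldap-login-dn CN=asa-bind,OU=ServiceAccounts,DC=example,DC=local
 ldap-login-password <bind-account-password>
!
tunnel-group VPN_CLIENTS general-attributes
 authentication-server-group AD_LDAP
 ! Password management feature referred to in item 1
 password-management
```

Running `test aaa-server authentication` against the server group from the ASA CLI confirms the bind and user lookup before any tunnel group depends on them.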