Cisco NAC Appliance - Clean Access Manager Configuration Guide
OL-28003-01
Chapter 7 User Management: Configuring Authentication Servers
Adding an Authentication Provider
Step 1 Go to User Management > Auth Servers > Lookup Servers > New.
Step 2 From the Authentication Type dropdown menu, choose LDAP.
Figure 7-12 Add LDAP Auth Server—GSSAPI Authentication Mechanism
Step 3 Provider Name—Type a unique name for this authentication provider. Enter a meaningful or
recognizable name if web login users will be able to select providers from the web login page.
Step 4 Description—Enter an optional description of this auth server for reference.
Step 5 Server URL—Type the URL of the LDAP server, in the form:
ldap://<directory_server_name>:<port_number>
If no port number is specified, 389 is assumed.
Note: When using LDAP to connect to the AD server, Cisco recommends using TCP/UDP port 3268 (the
default Microsoft Global Catalog port) instead of the default port 389. This allows for a more efficient
search of all directory partitions in both single and multi-domain environments.
You can add redundancy for LDAP Authentication servers by entering multiple LDAP URLs in the
Server URL field separated by a space, for example:
ldap://ldap1.abc.com ldap://ldap2.abc.com ldap://ldap3.abc.com
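A pre-flight check for a Server URL value before it is pasted into the field, as an added example that is not part of the Cisco guide or product. The function names and the example.test hosts are hypothetical, and the checker assumes only the ldap://<directory_server_name>:<port_number> form shown above is acceptable.

```python
from urllib.parse import urlsplit

DEFAULT_LDAP_PORT = 389      # assumed when the URL carries no port (per the guide)
GLOBAL_CATALOG_PORT = 3268   # port the guide recommends when the server is AD


def parse_server_url_field(field):
    """Split a space-separated Server URL value into ordered (host, port) pairs."""
    servers = []
    for url in field.split():
        parts = urlsplit(url)
        if parts.scheme.lower() != "ldap":
            raise ValueError(f"not an ldap:// URL: {url!r}")
        if not parts.hostname:
            raise ValueError(f"missing directory server name: {url!r}")
        # Catches comma-joined URLs, base DNs or filters pasted after the host.
        if parts.path not in ("", "/") or parts.query or parts.fragment:
            raise ValueError(f"unexpected text after host/port: {url!r}")
        try:
            # .port raises ValueError for non-numeric or out-of-range values.
            port = DEFAULT_LDAP_PORT if parts.port is None else parts.port
            if port == 0:
                raise ValueError
        except ValueError:
            raise ValueError(f"bad port number: {url!r}") from None
        if (parts.hostname, port) in servers:
            raise ValueError(f"duplicate server entry: {url!r}")
        servers.append((parts.hostname, port))
    if not servers:
        raise ValueError("Server URL field is empty")
    return servers


def non_gc_servers(servers):
    """Entries not on port 3268; review these when the directory is AD."""
    return [(host, port) for host, port in servers if port != GLOBAL_CATALOG_PORT]


# Constructed sample value: one entry on the Global Catalog port, one on the default.
SAMPLE = "ldap://dc1.example.test:3268 ldap://dc2.example.test"

if __name__ == "__main__":
    parsed = parse_server_url_field(SAMPLE)
    print("redundancy order:", parsed)
    print("not on port 3268:", non_gc_servers(parsed))
```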