7-30
Cisco NAC Appliance - Clean Access Manager Configuration Guide
OL-28003-01
Chapter 7 User Management: Configuring Authentication Servers
Authenticating Against a Backend Active Directory
Figure 7-21 Example New LDAP Server for AD
6. The following fields are all that is necessary to properly set up this auth server within the CAM:
a. Description: Used just for reference.
b. ServerURL: ldap://192.168.137.10:3268 – This is the domain controller IP address and default Microsoft Global Catalog port for AD.
Note: When using LDAP to connect to the AD server, Cisco recommends using TCP/UDP port 3268 (the default Microsoft Global Catalog port) instead of the default port 389. This allows for a more efficient search of all directory partitions in both single and multi domain environments.
c. Search(Admin) Full DN: CN=sheldon muir, CN=Users, DC=domainname, DC=com
d. Search Base Context: DC=domainname, DC=com
e. Default Role: Select the default role a user will be put into once authenticated.
f. Provider Name: This is the name of the LDAP server used for User Page setup on the CAM.
g. Search Password: sheldon muir’s domain password
h. Search Filter: SAMAccountName=$user$
7. Click Add Server.
8. At this point, an authentication test using the Auth Test feature should work (see Auth Test, page 7-39).
Note: You can also use an LDAP browser (e.g. http://www.tucows.com/preview/242937) to validate your search credentials first.
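The following pre-flight check is an added example, not part of the Cisco guide. It validates the step 6 field values and derives the host, bind DN, base and filter to enter in an LDAP browser when validating the search credentials. It assumes that `$user$` is replaced textually by the login name; the function names and the test login are hypothetical.

```python
from urllib.parse import urlsplit

# Field values from step 6 of the guide.
CONFIG = {
    "server_url": "ldap://192.168.137.10:3268",
    "search_dn": "CN=sheldon muir, CN=Users, DC=domainname, DC=com",
    "search_base": "DC=domainname, DC=com",
    "search_filter": "SAMAccountName=$user$",
}

def escape_filter_value(value):
    """Escape the characters RFC 4515 reserves inside a filter value."""
    special = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\0": r"\00"}
    return "".join(special.get(ch, ch) for ch in value)

def split_dn(dn):
    """Split a DN into trimmed RDNs, honouring backslash-escaped commas."""
    rdns, current, escaped = [], "", False
    for ch in dn:
        if escaped or ch != ",":
            current += ch
            escaped = ch == "\\" and not escaped
        else:
            rdns.append(current.strip())
            current = ""
    return rdns + [current.strip()]

def check_config(cfg):
    """Return the problems to fix before the values are entered in the CAM."""
    problems = []
    url = urlsplit(cfg["server_url"])
    if url.scheme not in ("ldap", "ldaps") or not url.hostname:
        problems.append("Server URL must look like ldap://host:port")
    elif url.scheme == "ldap" and url.port in (None, 389):
        problems.append("port 389 in use; the guide recommends 3268")
    if "$user$" not in cfg["search_filter"]:
        problems.append("Search Filter lacks the $user$ placeholder")
    for field in ("search_dn", "search_base"):
        rdns = split_dn(cfg[field])
        if not all(r.partition("=")[0] and r.partition("=")[2] for r in rdns):
            problems.append(field + " is not a well-formed DN")
    return problems

def browser_query(cfg, username):
    """Assumed lookup: $user$ replaced by the escaped login name."""
    url = urlsplit(cfg["server_url"])
    body = cfg["search_filter"].replace("$user$", escape_filter_value(username))
    return {"host": url.hostname, "port": url.port,
            "bind_dn": ",".join(split_dn(cfg["search_dn"])),
            "base": ",".join(split_dn(cfg["search_base"])),
            "filter": body if body.startswith("(") else "(" + body + ")"}
```

Escaping the login before substitution keeps a test name that contains `*`, `(` or `)` from changing the meaning of the filter.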