5-34
Cisco Wireless LAN Controller Configuration Guide
OL-17037-01
Chapter 5 Configuring Security Solutions
Configuring LDAP
Figure 5-18 LDAP Servers > New Page
Step 3
If you are adding a new server, choose a number from the Server Index (Priority) drop-down box to
specify the priority order of this server in relation to any other configured LDAP servers. You can
configure up to seventeen servers. If the controller cannot reach the first server, it tries the second one
in the list and so on.
Step 4 If you are adding a new server, enter the IP address of the LDAP server in the Server IP Address field.
Step 5 If you are adding a new server, enter the LDAP server’s TCP port number in the Port Number field. The
valid range is 1 to 65535, and the default value is 389.
Step 6 Check the Enable Server Status check box to enable this LDAP server or uncheck it to disable it. The
default value is disabled.
Step 7 From the Simple Bind drop-down box, choose Anonymous or Authenticated to specify the local
authentication bind method for the LDAP server. The Anonymous method allows anonymous access to
the LDAP server whereas the Authenticated method requires that a username and password be entered
to secure access. The default value is Anonymous.
Step 8 If you chose Authenticated in Step 7, follow these steps:
a. In the Bind Username field, enter a username to be used for local authentication to the LDAP server.
The username can contain up to 80 characters.
Note If the username starts with “cn=” (in lowercase letters), the controller assumes that the
username includes the entire LDAP database path and therefore does not append the user
base DN. This designation allows the authenticated bind user to be outside the user base DN.
b. In the Bind Password and Confirm Bind Password fields, enter a password to be used for local
authentication to the LDAP server. The password can contain up to 32 characters.
Step 9 In the User Base DN field, enter the distinguished name (DN) of the subtree in the LDAP server that
contains a list of all the users. For example, ou=organizational unit, .ou=next organizational unit, and
o=corporation.com. If the tree containing users is the base DN, type o=corporation.com or
dc=corporation,dc=com.
Step 10 In the User Attribute field, enter the name of the attribute in the user record that contains the username.
You can obtain this attribute from your directory server.
Step 11 In the User Object Type field, enter the value of the LDAP objectType attribute that identifies the record
as a user. Often, user records have several values for the objectType attribute, some of which are unique
to the user and some of which are shared with other object types.
To Next Page
Loading...
Need help?
General
