EasyManua.ls Logo

Cisco 2509 - Router - EN - Page 434

Cisco 2509 - Router - EN
686 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
Chapter 11 Working with User Databases
Generic LDAP
11-26
User Guide for Cisco Secure ACS for Windows Server
78-14696-01, Version 3.1
Group Attribute NameThe name of the attribute of the group record
that contains the list of user records that are a member of that group.
Server TimeoutThe number of seconds Cisco Secure ACS waits for a
response from an LDAP server before determining that the connection
with that server has failed.
On Timeout Use SecondaryWhether Cisco Secure ACS performs
failover of LDAP authentication attempts. For more information about
the LDAP failover feature, see LDAP Failover, page 11-20.
Failback Retry DelayThe number of minutes after the primary LDAP
server fails to authenticate a user that Cisco Secure ACS resumes sending
authentication requests to the primary LDAP server first. A value of 0
(zero) causes Cisco Secure ACS to always use the primary LDAP server
first.
Primary and Secondary LDAP ServersThe Primary LDAP Server table
and the Secondary LDAP Server table enable you to identify the LDAP
servers and make settings that are unique to each. The Secondary LDAP
Server table does not need to be completed if you do not intend to use LDAP
failover. These tables contain the following options:
HostnameThe name or IP address of the server that is running the
LDAP software. If you are using DNS on your network, you can type the
hostname instead of the IP address.
PortThe TCP/IP port number on which the LDAP server is listening.
The default is 389, as stated in the LDAP specification. If you do not
know the port number, you can find this information by viewing those
properties on the LDAP server. If you want to use secure authentication,
port 636 is usually used.
LDAP VersionWhether Cisco Secure ACS uses LDAP version 3 or
version 2 to communicate with your LDAP database. If this check box is
selected, Cisco Secure ACS uses LDAP version 3. If it is not selected,
Cisco Secure ACS uses LDAP version 2.
SecurityWhether Cisco Secure ACS uses SSL to provide more secure
communication with the LDAP server. If you do not enable SSL, user
credentials are passed to the LDAP server in clear text.

Table of Contents

Related product manuals