• Microsoft Active Directory
• LDAP over Secure Sockets Layer (SSL) supports only SSL version 3 and Transport Layer Security (TLS)
version 1.
• If you have a user account configured on the local Cisco NX-OS device that has the same name as a
remote user account on a AAA server, the Cisco NX-OS software applies the user roles for the local user
account to the remote user, not the user roles configured on the AAA server.
Default Settings for LDAP
This table lists the default settings for LDAP parameters.
DefaultParameters
DisabledLDAP
First search and then bindLDAP authentication method
PlainLDAP authentication mechanism
0 minutesDead-time interval
5 secondsTimeout interval
60 minutesIdle timer interval
testPeriodic server monitoring username
CiscoPeriodic server monitoring password
Configuring LDAP
This section describes how to configure LDAP on a Cisco NX-OS device.
LDAP Server Configuration Process
You can configure LDAP servers by following this configuration process.
1. Enable LDAP.
2. Establish the LDAP server connections to the Cisco NX-OS device.
3. If needed, configure LDAP server groups with subsets of the LDAP servers for AAA authentication
methods.
4. (Optional) Configure the TCP port.
5. (Optional) Configure the default AAA authorization method for the LDAP server.
6. (Optional) Configure an LDAP search map.
7. (Optional) If needed, configure periodic LDAP server monitoring.
Cisco Nexus 9000 Series NX-OS Security Configuration Guide, Release 9.x
109
Configuring LDAP
Default Settings for LDAP
To Next Page
Loading...
