Cisco ASA 5505 Configuration Manual page 663

Asa 5500 series

Hide thumbs Also See for ASA 5505:

Getting started manual (168 pages)

Administrator's manual (118 pages)

Hardware installation manual (82 pages)

Table of Contents

Configuring AAA Servers and the Local Database

Group Base DN

Group Search Timeout

HTTP Form Server Fields

This area appears only when the selected server group uses HTTP Form, and only the server group name

and the protocol are visible. Other fields are not available when using HTTP Form.

If you do not know what the following parameters are, use an HTTP header analyzer to extract the data

from the HTTP GET and POST exchanges when logging into the authenticating web server directly, not

through the adaptive security appliance.

The following table describes the unique fields for configuring HTTP Form servers, for use with the

"Adding a Server to a Group" section on page

Used only for Active Directory servers using LDAP protocol. This DN

specifies the location in the LDAP hierarchy to begin searching for the

AD groups (that is, the list of memberOf enumerations). If this field is

not configured, the adaptive security appliance uses the Base DN for AD

group retrieval.

ASDM uses the list of retrieved AD groups to define AAA selection

criteria for dynamic access policies. For more information, see the show

ad-groups command.

Specifies the maximum time to wait for a response from an AD server that

was queried for available groups.

The complete URL of the authenticating web server location where a

pre-login cookie can be retrieved. This parameter must be configured

only when the authenticating web server loads a pre-login cookie with

the login page. A drop-down list offers both HTTP and HTTPS. The

maximum number of characters is 1024, and there is no minimum.

The complete Uniform Resource Identifier for the authentication

program on the authorizing web server. The maximum number of

characters for the complete URI is 2048 characters.

The name of a username parameter—not a specific username—that

must be submitted as part of the HTTP form used for SSO

authentication. The maximum number of characters is 128, and there is

The name of a user password parameter—not a specific password

value—that must be submitted as part of the HTTP form used for SSO

authentication. The maximum number of characters is 128, and there is

Cisco ASA 5500 Series Configuration Guide using ASDM

Configuring AAA Server Groups

Show Quick Links

Chapters

Table of Contents

Asa 5510 Asa 5540 Asa 5520 Asa 5550 Asa 5580

Cisco ASA 5505 Configuration Manual page 663

Hide quick links:

Chapters

Related Manuals for Cisco ASA 5505

Related Products for Cisco ASA 5505

This manual is also suitable for:

Table of Contents