Configure Ldap Via Gui - Cisco Firepower 4110 Preparative Procedures & Operational User Manual
Firepower 4100 series; firepower 9000 series
Hide thumbs
Also See for Firepower 4110:
- Hardware installation manual (84 pages) ,
- Manual (26 pages) ,
- Getting started (42 pages)
Table of Contents
Advertisement
Cisco Preparative Procedures & Operational User Guide
8) Commit the transaction to the system configuration:
Firepower-chassis /security/tacacs/server # commit-buffer
4.4.6 Configure LDAP via GUI
1) Choose
Platform Settings
2) Click the
LDAP
tab.
3) For each LDAP provider that you want to add:
a) In the
LDAP Providers
b) In the
Add LDAP Provider
Name
Hostname/FDQN (or IP
Address)
field
Order
field
Bind DN
field
Base DN
field
Port
field
Enable SSL
check box
Filter
field
© 2016 Cisco Systems, Inc. All rights reserved.
> AAA.
area, click Add.
dialog box, complete the following fields:
Description
The hostname or IP address on which the LDAP provider resides. If
SSL is enabled, this field must exactly match a Common Name
(CN) in the security certificate of the LDAP database.
The order in which the Firepower eXtensible Operating System
uses this provider to authenticate users.
Enter an integer between 1 and 16, or enter lowest-available or 0
(zero) if you want the Firepower eXtensible Operating System to
assign the next available order based on the other providers defined
in Firepower Chassis Manager or the FXOS CLI.
The distinguished name (DN) for an LDAP database account that
has read and search permissions for all objects under the base DN.
The maximum supported string length is 255 ASCII characters.
The specific distinguished name in the LDAP hierarchy where the
server should begin a search when a remote user logs in and the
system attempts to get the user's DN based on their username. The
length of the base DN can be set to a maximum of 255 characters
minus the length of CN=$userid, where $userid identifies the
remote user attempting to access Firepower Chassis Manager or the
FXOS CLI using LDAP authentication.
This value is required unless a default base DN has been set on the
LDAP
tab.
The port through which Firepower Chassis Manager or the FXOS
CLI communicates with the LDAP database. The standard port
number is 389.
If checked, encryption is required for communications with the
LDAP database. If unchecked, authentication information will be
sent as clear text.
LDAP uses STARTTLS. This allows encrypted communication
using port 389.
The LDAP search is restricted to those user names that match the
defined filter.
This value is required unless a default filter has been set on the
- Quick Links:
- Configure Ssh Via Cli
Hide quick links:
Advertisement
Table of Contents
