Filter
Top Products
4-8
Cisco NAC Guest Server Installation and Configuration Guide
OL-15986-01
Chapter 4 Configuring Sponsor Authentication
Configuring Active Directory (AD) Authentication
Figure 4-9 Edit DC Settings
Step 4 Modify settings as needed:
• User Account Suffix—Edit the User Account Suffix and include the leading @, for example:
@cca.cisco.com. Every AD user has a full user logon name that appears as “username@domain.”
To allow sponsors not to have to type their full user logon name, type the @domain part (including
the @ symbol) in this field.
• Domain Controller IP Address—Edit the IP address for the domain controller. This is the IP address
of the DC against which the sponsor authenticates.
• Base DN—Edit the Base Distinguished Name (DN) of the domain controller. This is the name of
the root of the directory tree. It is used so that when group searches are performed, the Guest Server
knows from where to start. An example of the base DN for the domain cca. cisco.com is
DC=cca,DC=cisco,DC=com.
• AD Username—Edit the username that has permissions to search the Active Directory using LDAP.
This allows the Guest Server find out details about users such as the list of groups to which they
belong.
Note If you do not want to change the password, leaving both password entries empty preserves the
existing password.
• AD Password—Edit the password for that AD user account that has search permissions.
• Confirm AD Password—Retype the password to make sure it is correct.
• Status—Select the status of the Domain Controller. If it is set to Active, the Guest Server will use
it for authenticating sponsors. If it is set to Disabled, it will not be used.
Step 5 Optionally click the Test Connection button to verify the settings are correct for the domain controller.
The Test Connection will authenticate with the specified AD Username and Password to verify the
settings.
Step 6 Click the Save Settings button.