Cisco Systems OL-24201-01 Camera Accessories User Manual


 
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 8 Managing Users and Identity Stores
Managing External Identity Stores
Step 5 Continue with Configuring an External LDAP Server Connection, page 8-27.
Note: NAC Guest Server can also be used as an external LDAP server. For the procedure to use NAC Guest Server as an external LDAP server, see:
http://www.cisco.com/en/US/docs/security/nac/guestserver/configuration_guide/20/g_sponsor.html#wp1070105
Related Topic
Deleting External LDAP Identity Stores, page 8-33
Configuring an External LDAP Server Connection
Use this page to configure an external LDAP identity store.
Step 1 Select Users and Identity Stores > External Identity Stores > LDAP, then click any of the following:
- Create and follow the wizard.
- Duplicate, then click Next. The Server Connection page appears.
- Edit, then click Next. The Server Connection page appears.
Table 8-7 LDAP: Server Connection Page

| Option | Description |
|---|---|
| Server Connection | |
| Enable Secondary Server | Check to enable the secondary LDAP server, to use as a backup in the event that the primary LDAP server fails. If you check this check box, you must enter configuration parameters for the secondary LDAP server. |
| Always Access Primary Server First | Click to ensure that the primary LDAP server is accessed first, before the secondary LDAP server is accessed. |
| Failback to Primary Server After <min.> Minutes | Click to set the number of minutes that ACS authenticates using the secondary LDAP server if the primary server cannot be reached, where <min.> is the number of minutes. After this time period, ACS reattempts authentication using the primary LDAP server. (Default = 5.) |
| Primary Server | |
| Hostname | Enter the IP address or DNS name of the machine that is running the primary LDAP software. The hostname can contain from 1 to 256 characters or a valid IP address expressed as a string. The only valid characters for hostnames are alphanumeric characters (a to z, A to Z, 0 to 9), the dot (.), and the hyphen (-). |
| Port | Enter the TCP/IP port number on which the primary LDAP server is listening. Valid values are from 1 to 65,535. The default is 389, as stated in the LDAP specification. If you do not know the port number, you can find this information by referring to the administrator of the LDAP server. |
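
The Hostname and Port rules and the two primary/secondary options from Table 8-7, modeled as an added Python example (not Cisco's code and not part of the original guide). The ServerSelector class and all names in it are hypothetical; it assumes the two options are alternatives and that the failback window starts when the primary is found unreachable.

```python
import re

# Hostname rule from Table 8-7: 1 to 256 characters, only a-z, A-Z, 0-9, dot, hyphen.
# An IPv4 address written as a string also satisfies this character set.
HOSTNAME_RE = re.compile(r"[A-Za-z0-9.-]{1,256}")

def valid_hostname(name):
    return HOSTNAME_RE.fullmatch(name) is not None

def valid_port(port):
    # Valid values are 1 to 65,535; bool is rejected even though it is an int subtype.
    return type(port) is int and 1 <= port <= 65535

class ServerSelector:
    """Hypothetical model of the Server Connection options (not ACS code)."""

    def __init__(self, always_primary_first=True, failback_minutes=5):
        self.always_primary_first = always_primary_first
        self.failback_seconds = failback_minutes * 60
        self.secondary_since = None  # time the primary was last found unreachable

    def order(self, now):
        """Servers to try, in order, for a request at time `now` (seconds)."""
        if self.always_primary_first or self.secondary_since is None:
            return ["primary", "secondary"]
        if now - self.secondary_since >= self.failback_seconds:
            self.secondary_since = None   # window over: reattempt the primary
            return ["primary", "secondary"]
        return ["secondary"]              # still inside the failback window

    def authenticate(self, now, reachable):
        """`reachable` is the set of servers that answer; returns the one used."""
        for server in self.order(now):
            if server in reachable:
                return server
            if server == "primary" and not self.always_primary_first:
                self.secondary_since = now  # primary down: start the window
        return None
```
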