Cisco Cisco ASA 5580 Adaptive Security Appliance Technisches Handbuch
Example
Determine the User Search Base
In order to determine the user search base, complete these steps:
Log in to the Active Directory server as a domain administrator.
1.
Open a command prompt (choose Start > Run and enter cmd).
2.
Enter the dsquery command in order to determine the base Display Name (DN) for a known user.
Enter some of that information into the Directory configuration screen within Prime Security
Manager.
Enter some of that information into the Directory configuration screen within Prime Security
Manager.
3.
In this example, the dsquery command is entered in order to search for users who have a DN that begins with
'Jay'. The use of the '*' wildcard with the command returns the information for all users with a DN starting
with 'Jay':
'Jay'. The use of the '*' wildcard with the command returns the information for all users with a DN starting
with 'Jay':
This output can be used in order to determine the LDAP structure for the User search base within Prime
Security Manager.
Security Manager.
This example uses 'DC=csc−lab,DC=ciscotac,DC=com' as the appropriate User search base for the directory
configuration in PRSM.
configuration in PRSM.
Determine the Group Search Base
The procedure to determine the Group search base is similar to the procedure to determine the User search
base.
base.
Log in to the Active Directory server as a domain administrator.
1.
Open a command prompt (choose Start > Run and enter cmd).
2.
In order to determine the base DN for a known group, enter the dsquery command. Enter that
information on the Directory configuration screen.
information on the Directory configuration screen.
3.