Cisco Cisco ASA 5580 Adaptive Security Appliance Technical Manual
[105] userPrincipalName: value = kate@ftwsecurity.cisco.com
[105] objectCategory: value = CN=Person,CN=Schema,CN=Configuration,
DC=ftwsecurity,DC=cisco,DC=com
[105] dSCorePropagationData: value = 20070815195237.0Z
[105] dSCorePropagationData: value = 20070815195237.0Z
[105] dSCorePropagationData: value = 20070815195237.0Z
[105] dSCorePropagationData: value = 16010108151056.0Z
[105] Fiber exit Tx=685 bytes Rx=2690 bytes, status=1
[105] Session End
In this debug, the user ben is assigned the ExamplePolicy2 group policy because he is a
member of the Contractors group. This debug also shows that ben is member of the TheOthers
group, but that attribute is not mapped, so it is ignored.
member of the Contractors group. This debug also shows that ben is member of the TheOthers
group, but that attribute is not mapped, so it is ignored.
ciscoasa#debug ldap 255
debug ldap enabled at level 255
ciscoasa#
[106] Session Start
[106] New request Session, context 0xd5481808, reqType = 1
[106] Fiber started
[106] Creating LDAP context with uri=ldap://192.168.1.2:389
[106] Connect to LDAP server: ldap://192.168.1.2:389, status = Successful
[106] defaultNamingContext: value = DC=ftwsecurity,DC=cisco,DC=com
[106] supportedLDAPVersion: value = 3
[106] supportedLDAPVersion: value = 2
[106] supportedSASLMechanisms: value = GSSAPI
[106] supportedSASLMechanisms: value = GSS-SPNEGO
[106] supportedSASLMechanisms: value = EXTERNAL
[106] supportedSASLMechanisms: value = DIGEST-MD5
[106] Binding as administrator
[106] Performing Simple authentication for admin to 192.168.1.2
[106] LDAP Search:
Base DN = [dc=ftwsecurity, dc=cisco, dc=com]
Filter = [sAMAccountName=ben]
Scope = [SUBTREE]
[106] User DN = [CN=Ben Linus,CN=Users,DC=ftwsecurity,DC=cisco,DC=com]
[106] Talking to Active Directory server 192.168.1.2
[106] Reading password policy for ben, dn:CN=Ben Linus,CN=Users,DC=ftwsecurity,
DC=cisco,DC=com
[106] Read bad password count 0
[106] Binding as user
[106] Performing Simple authentication for ben to 192.168.1.2
[106] Checking password policy for user ben
[106] Binding as administrator
[106] Performing Simple authentication for admin to 192.168.1.2
[106] Authentication successful for ben to 192.168.1.2
[106] Retrieving user attributes from server 192.168.1.2
[106] Retrieved Attributes:
[106] objectClass: value = top
[106] objectClass: value = person
[106] objectClass: value = organizationalPerson
[106] objectClass: value = user
[106] cn: value = Ben Linus
[106] sn: value = Linus
[106] givenName: value = Ben
[106] distinguishedName: value = CN=Ben Linus,CN=Users,DC=ftwsecurity,
DC=cisco,DC=com
[106] instanceType: value = 4
[106] whenCreated: value = 20070815160840.0Z
[106] whenChanged: value = 20070815195243.0Z
[106] displayName: value = Ben Linus
[106] uSNCreated: value = 16463
[106] memberOf: value = CN=TheOthers,CN=Users,DC=ftwsecurity,DC=cisco,DC=com
[106] mapped to IETF-Radius-Class: value = CN=TheOthers,CN=Users,