Cisco Systems Servers Manuale Utente
Chapter 11 Working with User Databases
Generic LDAP
11-16
Cisco Secure ACS 3.0 for Windows 2000/NT Servers User Guide
78-13751-01, Version 3.0
Figure 11-3 Using an LDAP Server for Authentication
Multiple LDAP Instances
You can create several LDAP configurations in Cisco Secure ACS. For each
LDAP configuration, you can add or leave it out of the Unknown User Policy.
Also for each LDAP configuration, you can establish unique group mapping.
LDAP configuration, you can add or leave it out of the Unknown User Policy.
Also for each LDAP configuration, you can establish unique group mapping.
Cisco Secure ACS does not require that each LDAP instance corresponds to a
unique LDAP database. You can have more than one LDAP configuration set to
access the same database. This is useful when your LDAP database contains more
than one subtree for users or groups. Because each LDAP configuration supports
only one subtree directory for users and one subtree directory for groups, you
must configure separate LDAP instances for each user directory subtree and group
directory subtree combination for which Cisco Secure ACS should submit
authentication requests.
unique LDAP database. You can have more than one LDAP configuration set to
access the same database. This is useful when your LDAP database contains more
than one subtree for users or groups. Because each LDAP configuration supports
only one subtree directory for users and one subtree directory for groups, you
must configure separate LDAP instances for each user directory subtree and group
directory subtree combination for which Cisco Secure ACS should submit
authentication requests.