Good question. I don't have a good answer right now. Will get back with you.
Regards, Tyson Scott - CCIE #13513 R&S, Security, and SP Technical Instructor - IPexpert, Inc. Mailto: <mailto:[email protected]> [email protected] Telephone: +1.810.326.1444, ext. 208 Live Assistance, Please visit: <http://www.ipexpert.com/chat> www.ipexpert.com/chat eFax: +1.810.454.0130 IPexpert is a premier provider of Self-Study Workbooks, Video on Demand, Audio Tools, Online Hardware Rental and Classroom Training for the Cisco CCIE (R&S, Voice, Security & Service Provider) certification(s) with training locations throughout the United States, Europe, South Asia and Australia. Be sure to visit our online communities at <http://www.ipexpert.com/communities> www.ipexpert.com/communities and our public website at <http://www.ipexpert.com/> www.ipexpert.com From: Kingsley Charles [mailto:[email protected]] Sent: Friday, April 16, 2010 2:26 AM To: Tyson Scott Cc: [email protected] Subject: Re: [OSL | CCIE_Security] LDAP clarification Hi Tyson Can you please let me know, when will we use " map-value" under ldap map. The map-name cmd maps the LDAP custom parameters to ASA's support LDAP attributes. I understand that. This map-value again maps the map-name to a cisco attribute. I don't get the purpose of it. With regards Kings On Thu, Apr 15, 2010 at 8:16 PM, Tyson Scott <[email protected]> wrote: Kingsley, This document really helps in knowing what values you will need. Of course it is for ASA but the concepts are the same. http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/extsv r.html Regards, Tyson Scott - CCIE #13513 R&S, Security, and SP Technical Instructor - IPexpert, Inc. Mailto: [email protected] Telephone: +1.810.326.1444, ext. 208 Live Assistance, Please visit: www.ipexpert.com/chat eFax: +1.810.454.0130 IPexpert is a premier provider of Self-Study Workbooks, Video on Demand, Audio Tools, Online Hardware Rental and Classroom Training for the Cisco CCIE (R&S, Voice, Security & Service Provider) certification(s) with training locations throughout the United States, Europe, South Asia and Australia. Be sure to visit our online communities at www.ipexpert.com/communities and our public website at www.ipexpert.com <http://www.ipexpert.com/> From: [email protected] [mailto:[email protected]] On Behalf Of Kingsley Charles Sent: Thursday, April 15, 2010 8:13 AM To: [email protected] Subject: [OSL | CCIE_Security] LDAP clarification Hi all Vol 2 > Lab 15 > Sec 5.3 I am not getting the exact picture of LDAP. I am aware of that LDAP originated from the telephony services that used X.500 DAP directories. It is actually an hierarchy. But when I relate it to Windows LDAP, I get confused. If you go to ACS > External Database and try to configure a LDAP, the following parameters are required to be entered. Can someone exaplain, these parameters. User Directory Subtree Group Directory Subtree UserObjectType UserObjectClass GroupObjectType GroupObjectClass Group Attribute Name Hostname Port Default is 389 LDAP Version Use LDAP V3 Admin DN Password dn is disinguished name, cn is common name, dc is component. "User Directory Subtree" is the container in which the user account is present. "Group Directory Subtree" is the container in which group the user is present. In the Vol 2 > Lav 16 > Sec 5.3, I see some parameters for LDAP. Can someone please explain, the important parameters that we need to understand with respect to CCIE. With regards Kings
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
