Configuring Console Port Server to use LDAP

Anonymous user · ‎2021-06-28

I have a AP9303 Console Port server and can configure that to use our LDAP server for user login. I can't seem to get it to work for groups that exist in our LDAP server. The manual states you can do this.
I have specified the IP address of the LDAP server and the base.

Any ideas?
thanks

Erasmus_apc · ‎2021-06-28

If it is at least communicating with the LDAP server and working among authorized groups within the CPS itself, there's not much more we can troubleshoot. It sounds more like an LDAP configuration issue, which APC does not do tech. support for.

I was provided this LDAP KBase from Microsoft's website, which may help troubleshoot some LDAP issues you have:

http://support.microsoft.com/?id=321051

Also, did you follow the manual's directions exactly in regards to setting up communication to auth. groups on the LDAP server?

Configuring an LDAP Authentication Server
On the server, edit the “info” attribute for the user and add the following syntax.
+info: group_name=[,,...,];+

*Configuring the authorization on CPS to access the serial ports [CLI]*
1. In CLI mode, enter the following string:
cli > config physicalports access users/groups
or group names separated by commas>

2. Save the configuration to flash
cli > config > savetoflash

See Answer In Context

Erasmus_apc · ‎2021-06-28

I will be researching this issue and respond back shortly.

Anonymous user · ‎2021-06-28

Thanks for looking into this. If there is any additional information just let me know. It does work fine authenticating users in LDAP and local groups defined in the Console Port Server it's self.

Erasmus_apc · ‎2021-06-28

If it is at least communicating with the LDAP server and working among authorized groups within the CPS itself, there's not much more we can troubleshoot. It sounds more like an LDAP configuration issue, which APC does not do tech. support for.

I was provided this LDAP KBase from Microsoft's website, which may help troubleshoot some LDAP issues you have:

http://support.microsoft.com/?id=321051

Also, did you follow the manual's directions exactly in regards to setting up communication to auth. groups on the LDAP server?

Configuring an LDAP Authentication Server
On the server, edit the “info” attribute for the user and add the following syntax.
+info: group_name=[,,...,];+

*Configuring the authorization on CPS to access the serial ports [CLI]*
1. In CLI mode, enter the following string:
cli > config physicalports access users/groups
or group names separated by commas>

2. Save the configuration to flash
cli > config > savetoflash