Tech Tip: Configuring LDAP End-User Authentication in Enterasys NAC
When using remediation and registration web services with the Enterasys Network Access Control (NAC) solution, end-user authentication can be performed by a few different methods: LDAP, MAC Authentication, Web authentication (PWA), and RADIUS. If LDAP is your preferred method, here’s an example to help you configure it.
LDAP is configured on the MAC Registration tab and ultimately deployed to a NAC Gateway. Four LDAP options on the tab need to be configured:
- LDAP server IP address,
- LDAP port number,
- LDAP Prefix, and
- LDAP Suffix.
Here is an example pertaining to the syntax for LDAP Prefix and LDAP Suffix:
- An Active Directory / Domain Controller for demo.com has end-user accounts located in the Accounts/Users/Students Organizational Unit (OU).
- In NAC Manager's Web Services configuration, the LDAP prefix would be configured as "cn=" and the suffix as ",ou=students,ou=users,ou=accounts,dc=demo,dc=com".
- After this syntax is configured, deploy the configuration to the NAC Gateway.
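The following Python sketch is an added example, not Enterasys code. It assumes the bind DN is formed by concatenating prefix, user name and suffix, which the page implies but does not state. It checks a prefix/suffix pair for common syntax slips before deployment and shows the DN that results for a given user name, with RFC 4514 escaping so that a name containing a comma cannot alter the DN structure. The function names and the user names are constructed for illustration.

```python
# Added example: assumes bind DN = prefix + user name + suffix.
SPECIAL = set(',+"\\<>;=')  # characters RFC 4514 requires escaping in an RDN value


def escape_rdn_value(value: str) -> str:
    """Escape a user-supplied name for use as an RDN value (RFC 4514)."""
    out = []
    last = len(value) - 1
    for i, ch in enumerate(value):
        if ch in SPECIAL:
            out.append("\\" + ch)
        elif ch == "\x00":
            out.append("\\00")
        elif (i == 0 and ch in " #") or (i == last and ch == " "):
            out.append("\\" + ch)  # leading space/'#' and trailing space
        else:
            out.append(ch)
    return "".join(out)


def check_settings(prefix: str, suffix: str) -> list:
    """Return a list of syntax problems in the prefix/suffix pair (empty if none)."""
    problems = []
    if not prefix.endswith("="):
        problems.append("prefix should end with '=' (for example 'cn=')")
    if not suffix.startswith(","):
        problems.append("suffix should start with ',' to separate it from the user name")
    # Simplification: assumes the suffix contains no escaped commas.
    for part in suffix.lstrip(",").split(","):
        if "=" not in part:
            problems.append("suffix component %r is not attribute=value" % part)
    return problems


def build_bind_dn(prefix: str, username: str, suffix: str) -> str:
    """Build the DN that would be used to bind for this user name."""
    problems = check_settings(prefix, suffix)
    if problems:
        raise ValueError("; ".join(problems))
    if not username:
        raise ValueError("empty user name")
    return prefix + escape_rdn_value(username) + suffix


if __name__ == "__main__":
    suffix = ",ou=students,ou=users,ou=accounts,dc=demo,dc=com"  # from the page
    for name in ("jsmith", "Smith, John"):  # constructed user names
        print(build_bind_dn("cn=", name, suffix))
```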