![]() ![]() So, assuming your AD server(s) that the Cisco ASA is authenticating against is already setup, you need to ensure that your AAA Settings for LDAP is set to use port 636. I’ve already covered how to set that up in another post see the following article. Your AD server needs to be able to authenticate via LDAPS, by default it will not. Standard LDAP runs over TCP port 389, to allow the ASA to reset the password for the users, it needs to be connected via LDAPS ((TCP Port 636). If your Cisco ASA is using LDAP to authenticate your users, then you can use your remote An圜onnect VPN solution to let them reset their passwords remotely. If you have remote users who connect via VPN, and a policy that forces them to change their password periodically, this can result in them getting locked out without the ability to change their password (externally). ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |