Figure c-3 – Cisco ASA 5505 User Manual
Page 1915
C-17
Cisco ASA 5500 Series Configuration Guide using the CLI
Appendix C Configuring an External Server for Authorization and Authentication
Configuring an External LDAP Server
Step 2
Click the General tab and enter banner text in the Office field, which uses the AD/LDAP attribute
physicalDeliveryOfficeName.
Figure C-3
LDAP User Configuration
Step 3
Create an LDAP attribute map on the ASA.
The following example creates the map Banner and maps the AD/LDAP attribute
physicalDeliveryOfficeName to the Cisco attribute Banner1:
hostname(config)# ldap attribute-map Banner
hostname(config-ldap-attribute-map)# map-name physicalDeliveryOfficeName Banner1
Step 4
Associate the LDAP attribute map to the AAA server.
The following example enters the aaa server host configuration mode for the host 10.1.1.2 in the AAA
server group MS_LDAP, and associates the attribute map Banner that you created in Step 3:
hostname(config)# aaa-server MS_LDAP host 10.1.1.2
hostname(config-aaa-server-host)# ldap-attribute-map Banner
Step 5
Test the banner enforcement.
The following example shows a clientless SSL connection and the banner enforced through the attribute
map after the user authenticates (see