How to configure Cisco UCS for LDAP and Active Directory authentication

Posted by on June 9, 2011 in Cisco, Cisco UCS, Hardware | 2 comments

I was helping out a team member with setting up AD authentication on a UCS chassis in our internal lab. It looked to be a pretty easy task but turned out to be a dog fight. In the end it was easy but I found a few errors in the Cisco document that explains how to configure LDAP for Cisco UCS. I will point out the items that caused me grief.

In the end it's now working as expected and is a great feature to put to use. With so many different pieces of equipment in your environments, being able to have a unified login is much better than trying to remember 20 different local IDs.

You can download and view a copy of the LDAP for Cisco UCS guide from here or a Google search will turn up the same thing.

Error #1

In the “Creating LDAP Provider” section the main part that tripped me up was the following.

The image below shows the highlighted portion according to the document. I have updated the instruction below. Once I changed this, the authentication worked immediately. Before changing it, it would just fail, and according to the logs on the AD server it was not even making the attempt and failing.

c) This should be the string for the Bind user that you created earlier in the document. Example below:

BindDN value is CN=ucsbind,OU=CiscoUCS,DC=sampledesign,DC=com

Error #2

This section in the collecting information section was also wrong. It did not cause me any issues but did require me to go back and read things a few more times to make sure.

In part d it references OU=CiscoUsers in the string, but the instructions never requested us to create this OU. It should just be the OU=CiscoUCS that you did create. Nothing to cause you issues, just to clear things up.
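
A pre-flight check for the two errors above, as an added example that is not from the post or Cisco's guide: it parses a candidate Bind DN, rejects values that are not a distinguished name, and flags any OU that is not among the ones you created. The Base DN (`DC=sampledesign,DC=com`, assumed to be the domain root) and the function names are assumptions; the Bind DN is the one quoted in the post.

```python
# Added example: offline sanity check of a Bind DN before entering it in UCS Manager.
BIND_DN = "CN=ucsbind,OU=CiscoUCS,DC=sampledesign,DC=com"  # value quoted in the post
BASE_DN = "DC=sampledesign,DC=com"   # assumption: the domain root is used as the Base DN
CREATED_OUS = {"CiscoUCS"}           # OUs that were actually created in AD

def split_dn(dn):
    """Split a DN into (ATTR, value) pairs; a backslash-escaped comma stays in the value."""
    parts, cur, escaped = [], "", False
    for ch in dn:
        if escaped or ch != ",":
            cur += ch
            escaped = (ch == "\\") and not escaped
        else:
            parts.append(cur)
            cur = ""
    parts.append(cur)
    rdns = []
    for part in parts:
        attr, sep, value = part.strip().partition("=")
        if not sep or not attr.strip() or not value.strip():
            raise ValueError(f"not an attr=value component: {part!r}")
        rdns.append((attr.strip().upper(), value.strip()))
    return rdns

def check_bind_dn(bind_dn, base_dn, created_ous):
    """Return a list of problems; an empty list means the value looks like a usable Bind DN."""
    if "=" not in bind_dn:
        return ["not a distinguished name (bare name, UPN or DOMAIN\\user form)"]
    try:
        rdns, base = split_dn(bind_dn), split_dn(base_dn)
    except ValueError as exc:
        return [str(exc)]
    problems = []
    if rdns[0][0] != "CN":
        problems.append("first component should be the bind user's CN")
    tail = [(a, v.lower()) for a, v in rdns[-len(base):]]
    if tail != [(a, v.lower()) for a, v in base]:
        problems.append(f"DN is not under the Base DN {base_dn}")
    known = {ou.lower() for ou in created_ous}
    for attr, value in rdns:
        if attr == "OU" and value.lower() not in known:
            problems.append(f"OU={value} is not among the OUs you created")
    return problems

if __name__ == "__main__":
    for candidate in (BIND_DN, "CN=ucsbind,OU=CiscoUsers,DC=sampledesign,DC=com", "ucsbind"):
        print(candidate, "->", check_bind_dn(candidate, BASE_DN, CREATED_OUS) or "OK")
```

An empty result only means the string is well formed and consistent with your OU layout; the bind account's password and its presence in AD still have to be confirmed against the directory itself.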

About Brian Suhr

Brian is a VCDX5-DCV and a Sr. Tech Marketing Engineer at Nutanix and owner of this website. He is active in the VMware community and helps lead the Chicago VMUG group. Specializing in VDI and Cloud project designs. Awarded VMware vExpert status 6 years for 2016 - 2011. VCP3, VCP5, VCP5-Iaas, VCP-Cloud, VCAP-DTD, VCAP5-DCD, VCAP5-DCA, VCA-DT, VCP5-DT, Cisco UCS Design

2 Comments

  1. The resolution to Error 1 is just on the dot… It was precisely this issue which was stopping the UCS authentication on the domain in my case as well.
    Thanks for the write up and the solution..

  2. If people can’t recognise these obvious errors in the guide, they shouldn’t be configuring UCS. Perhaps working in help desk is a more suitable occupation for these people.

    As a result of people making such idiotic mistakes, blogs get polluted with posts like this one. Stop wasting people’s time by useless posts like this one!
