Hi all,
We are going to be switching our anyconnect users over to Duo in the not too distant future, but in the meantime I have a site where all users are connecting to a particular ASA using local users. As part of the prep for Duo, I need to change this to LDAP auth for that site - however, I can't change it all at once because there's tooo mannnyyyy users on that ASA.
Can I configure this for both ldap users AND local users while I migrate the users from local to ldap? I haven't been able to find a clear answer in the cisco docs, other than I found one reference that it can be set for ldap primary and local secondary, and if a user fails to match the ldap lookup it will check against local users.
Does anyone have direct experience and advice for setting that up?
Thanks!
No comments:
Post a Comment