Configuring LDAP Authentication with Cisco APIC Controller

Local user databases are great, until you have a few dozen of them. Your lab environment probably has a few users (such as yourself), and some of you might even be sharing the “admin” account, at least until Kyle breaks the fabric again and doesn’t tell anyone and all you see is an audit trail … More Configuring LDAP Authentication with Cisco APIC Controller

An ldapsearch(1) Quick-Reference for ACI Admins

For network guys configuring LDAP Authentication on the Cisco APIC Controller, it can be useful to query an LDAP server when configuring or troubleshooting LDAP Authentication. This page shows how ldapsearch(1) can be used to query a directory for information. Basic Terms LDAP – Lightweight Directory Access Protocol. LDAP Schema – organization of information stored … More An ldapsearch(1) Quick-Reference for ACI Admins

LDAP Schemas: RFC2307 vs RFC2307bis

RFC2307 was written in 1998 to define a schema for representing NIS information (such as Unix account attributes such as UID, home directory, etc) in an LDAP-based directory. A later draft called RFC2307bis was introduced and adopted by some major Unix vendors, but never left draft stage. Microsoft’s Active Directory adopted RFC2307 attributes for Unix … More LDAP Schemas: RFC2307 vs RFC2307bis

STP and ACI: Intermittent packet loss due to TCNs

One issue that can arise when we connect ACI and Legacy STP environments is intermittent packet loss to ACI endpoints due to Spanning-tree TCNs. TCNs will trigger ACI to flush endpoints in the EPG on which the TCN was received. ACI does re-learn the endpoints based on normal data-plane learning, but if the TCNs are … More STP and ACI: Intermittent packet loss due to TCNs