{"id":1131,"date":"2013-06-19T13:11:11","date_gmt":"2013-06-19T12:11:11","guid":{"rendered":"http:\/\/www.kozeniauskas.com\/itblog\/?p=1131"},"modified":"2013-06-19T13:25:52","modified_gmt":"2013-06-19T12:25:52","slug":"ucs-ldap-nested-groups-are-not-working-with-ucs-manager","status":"publish","type":"post","link":"https:\/\/www.kozeniauskas.com\/itblog\/2013\/06\/19\/ucs-ldap-nested-groups-are-not-working-with-ucs-manager\/","title":{"rendered":"UCS: LDAP nested groups are not working with UCS Manager"},"content":{"rendered":"<p>So you have your LDAP autentication configured in Cisco UCS manager.<br \/>\nYou map group in UCS to LDAP group and add user to this LDAP group<br \/>\n<a href=\"http:\/\/www.kozeniauskas.com\/itblog\/files\/2013\/06\/23.jpg\"><img loading=\"lazy\" class=\"alignnone size-medium wp-image-1133\" alt=\"2\" src=\"http:\/\/www.kozeniauskas.com\/itblog\/files\/2013\/06\/23-262x300.jpg\" width=\"262\" height=\"300\" srcset=\"https:\/\/www.kozeniauskas.com\/itblog\/files\/2013\/06\/23-262x300.jpg 262w, https:\/\/www.kozeniauskas.com\/itblog\/files\/2013\/06\/23.jpg 406w\" sizes=\"(max-width: 262px) 100vw, 262px\" \/><\/a><br \/>\nTry to login with this user account to UCSM. Everything is working as expected.<br \/>\nYou remove the user from LDAP group add it to another LDAP group and add this Group to LDAP group that is mapped to UCS group(in other words you nest groups).<br \/>\n<a href=\"http:\/\/www.kozeniauskas.com\/itblog\/files\/2013\/06\/110.jpg\"><img loading=\"lazy\" class=\"alignnone size-medium wp-image-1132\" alt=\"1\" src=\"http:\/\/www.kozeniauskas.com\/itblog\/files\/2013\/06\/110-259x300.jpg\" width=\"259\" height=\"300\" srcset=\"https:\/\/www.kozeniauskas.com\/itblog\/files\/2013\/06\/110-259x300.jpg 259w, https:\/\/www.kozeniauskas.com\/itblog\/files\/2013\/06\/110.jpg 402w\" sizes=\"(max-width: 259px) 100vw, 259px\" \/><br \/>\n<\/a>When trying to login again, authentication fails.<\/p>\n<p>This is a known behaviour of UCS and is explained in more detail under bug id CSCtt44185. With UCS, nested groups should not be used, each group in LDAP must be mapped to a group in UCS.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>So you have your LDAP autentication configured in Cisco UCS manager. You map group in UCS to LDAP group and add user to this LDAP group Try to login with this user account to UCSM. Everything is working as expected. You remove the user from LDAP group add it to another LDAP group and add [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[380,381,452],"tags":[319,466,318,465,498,413],"_links":{"self":[{"href":"https:\/\/www.kozeniauskas.com\/itblog\/wp-json\/wp\/v2\/posts\/1131"}],"collection":[{"href":"https:\/\/www.kozeniauskas.com\/itblog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kozeniauskas.com\/itblog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kozeniauskas.com\/itblog\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kozeniauskas.com\/itblog\/wp-json\/wp\/v2\/comments?post=1131"}],"version-history":[{"count":3,"href":"https:\/\/www.kozeniauskas.com\/itblog\/wp-json\/wp\/v2\/posts\/1131\/revisions"}],"predecessor-version":[{"id":1135,"href":"https:\/\/www.kozeniauskas.com\/itblog\/wp-json\/wp\/v2\/posts\/1131\/revisions\/1135"}],"wp:attachment":[{"href":"https:\/\/www.kozeniauskas.com\/itblog\/wp-json\/wp\/v2\/media?parent=1131"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kozeniauskas.com\/itblog\/wp-json\/wp\/v2\/categories?post=1131"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kozeniauskas.com\/itblog\/wp-json\/wp\/v2\/tags?post=1131"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}