Values that need to be entered in the LDAP config page to access a LDAP service on a Active Directory Server..
Check out pages 36/37 of the draft deployment guide
Step 1 In the Home window, click the Settings button at the top right corner of the screen. The Settings window then appears.
Step 2 Click LDAP Credentials in the Settings navigation pane to view the LDAP Credentials window.
Step 3 In the LDAP Credentials window, enter your LDAP username.
Step 4 Enter your LDAP password.
Step 5 Enter the LDAP server URL address. For example, enter a URL address such as ldap://ldap.cisco.com:389.
Step 6 Enter the security principal. The security principal is the name of the user or program performing authentication. For example, enter a value such as OU=active, OU=employees, OU=people, O=cisco.com.
Step 7 Enter the security authentication. The security authentication is the mechanism to use. For example, enter a value such as simple or SASL.
Step 8 Enter the Group Attribute. For example, enter a value such as group membership.
Step 9 Click the Add button to save your LDAP configuration to the Cisco APIC-EM database.
The LDAP setttings are for group information. Identity information is obtained through PxGrid (Cisco Identity Services Manager) or radius proxy.
The controller does not access any user identity information from Active Directory.