Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Authenticate wireless users with Active Directory and NPS

Unanswered Question
Nov 13th, 2014
User Badges:

We currently have a wireless infrastructure consisting of 2702i access points and a 5508 controller. We have a guest (Internet only) SSID and also a private (corporate) SSID. We are currently using PSK for the corporate wireless but I would much rather have users authenticate through Active Directory. I have Googled this and see some people say it is possible using Server 2008 R2 and NPS.

Has anyone ever successfully deployed this solution? If so, I would greatly appreciate information on how to configure this. One key thing to note is that we do have non-domained devices that will still need to authenticate against user accounts in AD.

Thank you in advance,


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
George Stefanick Fri, 11/14/2014 - 07:34
User Badges:
  • Purple, 4500 points or more
  • Community Spotlight Award,

    Best Publication, October 2015

Hi John,


You will have some reading to do my friend. I will outline the key components and the process with some links. 


802.1X - 

You are looking to do 802.1X (EAP). Whereby you leverage a radius server NPS and authenticate users against a database, in this case AD.  If you never done this before. Know that you will need to configure the radius side and also the client side. 



NPS - 




EAP - 

You will have to select an EAP type. The most common and widely supported is EAP-PEAPv0. It supports MsChapV2. I might suggest leading with EAP-PEAPv0.




You will need to configure your WLAN as 802.1X.




You will need to configure your clients with PEAP.



Hope this helps ..



John Woods Fri, 11/14/2014 - 19:36
User Badges:

George, thank you for the detailed reply. I will let you know how it goes.

Thank you,



This Discussion



Trending Topics - Security & Network