10-28-2013 03:44 AM - edited 03-10-2019 09:02 PM
Only the protocols below are supported by ise in combination with ldap identity sources.
EAP-GTC, PAP, EAP-TLS, PEAP-TLS.
Mac OS devices seem to be able to use these but Windows users seem to be having problems. How should windows users connect with ise that only uses ldap?
Solved! Go to Solution.
10-28-2013 05:52 AM
You can use the anyconnect network access manager. Just out of curiosity why ldap over joining ise to AD?
Sent from Cisco Technical Support Android App
10-28-2013 03:53 AM
The Windows supplicant supports EAP-TLS when you select certificates as the auth method. (you of course needs client side certs issued to windows user to use EAP-TLS though)
10-28-2013 05:31 AM
That doesn't seem to be very user friendly
10-28-2013 05:52 AM
You can use the anyconnect network access manager. Just out of curiosity why ldap over joining ise to AD?
Sent from Cisco Technical Support Android App
10-28-2013 06:30 AM
Do you still need the certificates then with the network access manager? We need to strip of everything after the @ sign. I know you can connect with an AD through LDAP external identity source but because of our complicated AD structure this isn't possible.
10-28-2013 09:34 AM
Mathieu,
Take a look at the user guide for NAM -
You will see the protocols support like GTC that should allow you not to have to deploy certs.
Thanks.
Tarik Admani
*Please rate helpful posts*
10-29-2013 06:26 AM
I can't ask the users to install something. The reason I use LDAP is because I need to strip of some data in the username starting from the @ sign. Unfortunately LDAP is the only way to go to do this isn't it?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide