Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4373
Views
30
Helpful
5
Replies

Integrate WLC & Active Directory

taufeeq taufeeq
Level 1
Level 1

‎08-12-2013 01:08 AM - edited ‎07-04-2021 12:38 AM

Hi,

Iam trying to find that how can i configure WLC to authenticate the wireless clietns based in the username and password from Active Directory.

Please suggest.

Regards,

Taufeeq.

2 people had this problem
Labels:
0 Helpful
5 Replies 5

Ravi Singh
Level 7
Level 7

‎08-20-2013 03:19 AM

As I know WLC can only work with a LDAP database but not Microsoft AD.

The below link will provide the config example and also depth  understanding on the requirements, please go through the link atleast  once..

http://www.cisco.com/en/US/products/ps6366/products_configuration_example09186a0080a03e09.shtml

Chris Illsley
Level 3
Level 3

‎08-20-2013 03:55 AM

Yes, LDAP or RADIUS, you can use FreeRADIUS if you don't want to buy a RADIUS server.

Thanks

Chris

Edit:  To correct punctuation.

Abhishek Abhishek
Cisco Employee
Cisco Employee
In response to Chris Illsley

‎08-20-2013 12:29 PM

Hello,

As per your query i can suggest  you the following solution-

WLC will work with LDAP not AD with RADIUS protocol.

Hope this will help you.

Ric Beeching
Level 7
Level 7
In response to Abhishek Abhishek

‎08-21-2013 12:01 AM

Hi Taufeeq,

I am not sure Abishek and Ravi provided correct answers however Mooncat did (in my opinion).

You can configure WLANs to authenticate through various different methods including:

  • RADIUS
  • LDAP
  • Local (Based on WLC)

Additionally, you can configure different ways to auth those users. For example I have a couple of networks setup in different ways:

1. 802.1x Security linked to a RADIUS server with the WLC configured as a Radius Client and shared secrets setup etc. This authenticates my AD users through NPS (Network Policy Server) installed on a Windows 2008 server.

2. Web authentication pass through linked to both local (on WLC) and RADIUS. In this setup there are local users I've setup on my WLC who can log in to the guest portal or alternatively any AD user can also log in as I have setup RADIUS as my secondary method of authentication for that WLAN.


3. Web authentication pass through linked to an LDAP server -> I tried this and actually found it tricky to implement for what I wanted it for. I ended up going for the RADIUS installation instead as it was more flexible but it does work as well!

I hope that helps.

Thanks,

Ric

-----------------------------
Please rate helpful / correct posts

Leo Laohoo
Hall of Fame
Hall of Fame
In response to Ric Beeching

‎08-21-2013 03:38 PM

Rated Mooncat & Ric's posts.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card