Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Cisco wireless controller and AP-binding domain how do you integrate wireless domain authentication?

With Cisco equipment wlc 2500 and AP 1600 combines windows 2008 r2 domain controller to achieve the following purposes, 

1, all cell phones and laptops can access the wireless network with a domain user authentication. 

2, the guest network should how to do it? 


My idea is: 

Made a total of two ssid below 

Mobile users cnnewcity_mobile: Use webportal certification, so the center certification, local forwarding 

Computer users cnnewcity_wifi: transparent certification, local forwarding, local authentication 

The basic steps are as follows: 

1, set the Radius server clients (AP or controller) 

2, locking authorization group --- this should be based on the domain user group authorization radius server 

3, the mobile roaming - different locations on the DHCP server choose to do this you have to consider the next 43 

4, the establishment of a two vlan to a mobile user to the computer user, create a DCHP scope on the DHCP

I do not know if you have wood there are better ways?

Everyone's tags (1)

Integrating the AD to the WLC

Integrating the AD to the WLC Requires:

1. AD to be registered:

 AT: Security->AAA
    AT: LDAP     
    CLICK: New

    Server IP:    <AD IP>
    Port Number:    389     
    Simple Bind:    Authenticated
    Bind User:    CN=Administrator,CN=Users,DC=testing,DC=local,DC=com
    Bind Pass:    <LDAP Admin pass>
    Confirm Pass: <LDAP Admin pass>
    User Base DN:    OU=WebAuth_Users,DC=testing,DC=local,DC=com
    User Attrib:    sAMAccountName      
    User Obj. Type:    person        


Enable at WLAN Profile
    CLICK: <Desired WLAN> -typically web authentication
2. AT: Security Tab
    AT: AAA Servers
3. AT: LDAP Servers
    **Select Created LDAP
4. Apply to Save


Source: Tried it in implementations :))