The problem with LDAP integration with AD is that you are only restricted to some EAP types. The supported types are EAP-FAST, EAP-TLS and LEAP.
quoting from the above link:
Local EAP supports LEAP, EAP-FAST, EAP-TLS, P EAPv0/MSCHAPv2, and PEAPv1/GTC authentication between the controller and wireless clients.
The LDAP backend database supports these Local EAP methods:
LEAP, EAP-FAST/MSCHAPv2, and PEAPv0/MSCHAPv2 are also supported, but only if the LDAP server is set up to return a clear-text password. For example, Microsoft Active Directory is not supported because it does not return a clear-text password. If the LDAP server cannot be configured to return a clear-text password, LEAP, EAP-FAST/MSCHAPv2, and PEAPv0/MSCHAPv2 are not supported.
The only common supported EAP types shared between local EAP and LDAP (as it's backend server) is EAP-TLS PEAPv1/GTCand EAP-FAST. So if you are going to use this option you need probably to use one of those types.
You can also use a radius server and integrate the radius server with AD. This is a much better optoin where you can use whatever EAP type supported by the radius server. If you can take the radius server option then I don't recommend to go to local EAP option with LDAP. RADIUS erver option is much better. Use only the local eap if you have small environment or you can't by anyway utilize a radius server.
Hope this helps.
Rating useful replies is more useful than saying "Thank you"
I have the same problem. I wondered if you had fixed yours. We are using Active Directory on 2008 R2 for our Domain Controller. Everything I have seen so far is Server 2003. We have 2 networks, one a guest that we do the local user configuration and generate passwords as needed. The other I would like to tie to AD so my internal users can authenticate. I did a Tac case on it but they say it is my Windows config that is wrong. (still not resolved) I got the AD Guru on it and they can't seem to see anything wrong either. I know it is probably as simpl as a radio button click. Any help would be appreciated.
Transferring Crash file from standby:
Login to the Active WLC in HA.
(Cisco Controller) >transfer upload datatype crash
(Cisco Controller) >transfer upload filename <Desired filename>
(Cisco Controller) >transfer up...
This is the start of a display filter cross reference between Wireshark and OmniPeek.
The 1st installment is a table of advanced filters. More filters will be added as time allows.
It is a living doc, so check back for changes every so often
Please feel ...
I have created a Powershell script to automatically add a Wireless Guest User on Cisco WLCs. (tested on 2500 Series)
The script should be completely self explanatory.
Powershell SNMP Module (Install-Module -Name SNMP)
SNMP Write Access to...