Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

User Authentication with Local DB & AD

Hi All,

I have deployed WLC5508 with software version 7.4 at one of my clients office. There requirement is to have a SSID for the external users who will be working with the company. Some of the users will have their IDs on Active Directory, and some users who will be working for short time period, will not have IDs on Active Directory. Now, can I configure Dual authentication method on single SSID that, when a user with an AD ID tries to connect, he is authenticated through AD, and when a user without AD ID (but having a user ID created in Local Database of WLC) tries to connect, he is authenticated through local database.

Looking forward for your response.

Regards,

Sohail

2 REPLIES
Cisco Employee

User Authentication with Local DB & AD

Hi Sohail,

As far as I am aware this is not going to be possible.  Once you add RADIUS into the mix on the WLAN, it will take priority for 802.1x authentication.  So the only time Local EAP Auth will come into play is if no RADIUS servers are found.  This means all credentials will be submitted to the RADIUS and users that are not listed there will respond back with Access-Reject. 

A more streamlined solution for this would be to use ACS as you can specify a local database and an AD external db. That way all RADIUS auth will flow through ACS to provide you the solution you are looking for.

Cheers, Erwin ______________________________________ How helpful was I? Don't forget to rate me when you have the chance!
Bronze

User Authentication with Local DB & AD

Hi,

configure local EAP and set the authentication priority to be LDAP then LOCAL.

283
Views
0
Helpful
2
Replies
CreatePlease to create content