Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Cisco WLC 2504 and AD authentication

At one of my customer we have installed Cisco wlc 2504 and has been integrated with AD for authenticating the users. The windows server version is 2003. Now the wifi user is getting authenticated and is able to connect to the domain but the issue is that the group policies are not being pushed to the wifi users. If the same user connects through the wired network, the group policies are being pushed.

7 REPLIES

Cisco WLC 2504 and AD authentication

New Member

Cisco WLC 2504 and AD authentication

Hi jawad,

First of all thanks for replying, but the issue still remains. The wireless users are authenticated by AD but the GPO is not pushed to them. When the same user connects through the wired network all the GPO is pushed.

New Member

Re: Cisco WLC 2504 and AD authentication

What is the authentication mechanism you use? I am guessing its user-based PEAP.

What happens if after user successfully authenticates and gets authorized to WLAN - can he/she run the gpoupdate and get the policies?

Sent from Cisco Technical Support iPhone App

Re: Cisco WLC 2504 and AD authentication

You're want to take a look into machine authentication

Steve

Sent from Cisco Technical Support iPhone App

HTH, Steve ------------------------------------------------------------------------------------------------ Please remember to rate useful posts, and mark questions as answered
Silver

Re: Cisco WLC 2504 and AD authentication

Kindly follow the following link for the Group policy, complete step by step configuration

Server 2008/2012

http://jackstromberg.com/2013/05/tutorial-802-1x-authentication-via-wifi-active-directory-network-policy-server-cisco-wlan-group-policy/

cisco document (another explaining in detail the flow)

http://www.cisco.com/en/US/products/ps6366/products_configuration_example09186a0080921f67.shtml

New Member

Re: Cisco WLC 2504 and AD authentication

Please try the steps which is provided in the link. The link is on 2008 server setting but you can just verify the settings missing in you configuration for refrence.

http://jackstromberg.com/2013/05/tutorial-802-1x-authentication-via-wifi-active-directory-network-policy-server-cisco-wlan-group-policy/

Re: Cisco WLC 2504 and AD authentication

The issue with user auth is that it does not online before the user logs in. GPOs are normally applied at boot. Since the user is not logged in during the bootup the computer is unable to download the GPO.

The workaround for this is to do "Computer + User" for authentication. the Computer's machine account to log in and download the GPO via wireless and the. Switch to the user account when the user logs in.

Note that the machine behavior changes from WinXP to Vista/7/8

Sent from Cisco Technical Support iPhone App

1771
Views
0
Helpful
7
Replies
CreatePlease login to create content