https://community.cisco.com/t5/wireless/meraki-local-authentication/m-p/5498303#M300849 <H2 id="toc-hId-1647626776"> Requirements</H2><UL><LI><P>All MR access points in the Network must be running MR 27.1+ firmware*</P></LI><LI><P>An admin account credential for the LDAP server with read-only permissions has to be input as part of dashboard configuration </P></LI><LI><P>If an Active Directory-based LDAP server is used, it must support an LDAP bind operation</P></LI><LI><P>The LDAP server must support STARTTLS</P></LI><LI><P>CA certificate used to sign the LDAP server's private key must be uploaded to the dashboard. This certificate is used by an MR to verify the authenticity of the LDAP server.</P></LI><LI><P>The LDAP server’s certificate must have a subjectAltName field that matches the Host address configured on the dashboard (either IP address or FQDN)</P></LI><LI><P>Wireless clients must trust the certificate presented by the MR which is signed by a well-known Certification Authority QuoVadis for the purposes of validation of the MR for certificate-based authentication.<BR /><BR /><A href="https://documentation.meraki.com/MR/Encryption_and_Authentication/Meraki_Local_Authentication_-_MR_802.1X" target="_blank" rel="noopener nofollow noreferrer">https://documentation.meraki.com/MR/Encryption_and_Authentication/Meraki_Local_Authentication_-_MR_802.1X</A></P></LI></UL> Tue, 25 Jun 2024 11:13:24 GMT aleabrahao 2024-06-25T11:13:24Z https://community.cisco.com/t5/wireless/meraki-local-authentication/m-p/5498302#M300848 <P>Hi,</P><P>For Meraki local authentication with an LDAP server what are the Pre-requisites ? and is certificate must or is it optional if i am going with only LDAP &amp; not LDAPs ?</P> Tue, 25 Jun 2024 10:49:51 GMT https://community.cisco.com/t5/wireless/meraki-local-authentication/m-p/5498302#M300848 Ajchand 2024-06-25T10:49:51Z https://community.cisco.com/t5/wireless/meraki-local-authentication/m-p/5498303#M300849 <H2 id="toc-hId-1647626776"> Requirements</H2><UL><LI><P>All MR access points in the Network must be running MR 27.1+ firmware*</P></LI><LI><P>An admin account credential for the LDAP server with read-only permissions has to be input as part of dashboard configuration </P></LI><LI><P>If an Active Directory-based LDAP server is used, it must support an LDAP bind operation</P></LI><LI><P>The LDAP server must support STARTTLS</P></LI><LI><P>CA certificate used to sign the LDAP server's private key must be uploaded to the dashboard. This certificate is used by an MR to verify the authenticity of the LDAP server.</P></LI><LI><P>The LDAP server’s certificate must have a subjectAltName field that matches the Host address configured on the dashboard (either IP address or FQDN)</P></LI><LI><P>Wireless clients must trust the certificate presented by the MR which is signed by a well-known Certification Authority QuoVadis for the purposes of validation of the MR for certificate-based authentication.<BR /><BR /><A href="https://documentation.meraki.com/MR/Encryption_and_Authentication/Meraki_Local_Authentication_-_MR_802.1X" target="_blank" rel="noopener nofollow noreferrer">https://documentation.meraki.com/MR/Encryption_and_Authentication/Meraki_Local_Authentication_-_MR_802.1X</A></P></LI></UL> Tue, 25 Jun 2024 11:13:24 GMT https://community.cisco.com/t5/wireless/meraki-local-authentication/m-p/5498303#M300849 aleabrahao 2024-06-25T11:13:24Z