https://community.cisco.com/t5/wireless/ise-peap-ldap/m-p/2237328#M67624 <HTML><HEAD></HEAD><BODY><P>Hello,</P><P></P><P>Here is a link that you may find handy. Just go to the LDAP section:</P><P></P><P><A class="jive-link-external-small" href="http://www.cisco.com/en/US/docs/security/ise/1.0/user_guide/ise10_man_id_stores.html#wp1054421">http://www.cisco.com/en/US/docs/security/ise/1.0/user_guide/ise10_man_id_stores.html#wp1054421</A></P></BODY></HTML> Thu, 18 Jul 2013 02:50:43 GMT mmangat 2013-07-18T02:50:43Z https://community.cisco.com/t5/wireless/ise-peap-ldap/m-p/2237327#M67623 <P>Hello All,</P><P></P><P>In ISE we tried adding active directory but it failed (ISE &amp; AD Integration). Still there was another option in ISE like LDAP and we added the identity stores. </P><P></P><P>Now with the below security feature,a client can get authentication through LDAP.</P><P></P><P>L2 Security-WPA2</P><P>Encryption-AES</P><P>Auth method-PEAP(EAP-MSCHAP V2)</P><P></P><P>When i tried connecting i am getting error like "Current Identity store does not support this type" in the ISE.</P><P></P><P>LDAP in ISE has to replaced with the active directory...?</P><P></P><P>Any quick help will be appreciated </P> Sun, 04 Jul 2021 07:26:58 GMT https://community.cisco.com/t5/wireless/ise-peap-ldap/m-p/2237327#M67623 Prasan Venky 2021-07-04T07:26:58Z https://community.cisco.com/t5/wireless/ise-peap-ldap/m-p/2237328#M67624 <HTML><HEAD></HEAD><BODY><P>Hello,</P><P></P><P>Here is a link that you may find handy. Just go to the LDAP section:</P><P></P><P><A class="jive-link-external-small" href="http://www.cisco.com/en/US/docs/security/ise/1.0/user_guide/ise10_man_id_stores.html#wp1054421">http://www.cisco.com/en/US/docs/security/ise/1.0/user_guide/ise10_man_id_stores.html#wp1054421</A></P></BODY></HTML> Thu, 18 Jul 2013 02:50:43 GMT https://community.cisco.com/t5/wireless/ise-peap-ldap/m-p/2237328#M67624 mmangat 2013-07-18T02:50:43Z https://community.cisco.com/t5/wireless/ise-peap-ldap/m-p/2237329#M67625 <HTML><HEAD></HEAD><BODY><P>Hello Mr. Mangat,</P><P></P><P>Thanks for your effort <SPAN __jive_emoticon_name="happy" __jive_macro_name="emoticon" class="jive_macro jive_emote" src="https://community.cisco.com/4.5.4/images/emoticons/happy.gif"></SPAN> I got how to configure it on ISE from your link. But my expectation is to know the difference between LDAP and AD in ISE. Bcoz when i configure LDAP it was not working for my clients with the PEAP security but later i configured AD with the ISE and now its working fine.</P><P></P><P>KVS</P></BODY></HTML> Thu, 18 Jul 2013 05:43:53 GMT https://community.cisco.com/t5/wireless/ise-peap-ldap/m-p/2237329#M67625 Prasan Venky 2013-07-18T05:43:53Z https://community.cisco.com/t5/wireless/ise-peap-ldap/m-p/2237330#M67626 <P>IMO Cisco ISE does very poor integration with LDAP while it supports Active Directory very well. This is a big shortage on ISE as in our environment LDAP is more widely used than our Active Directory.</P><P>&nbsp;</P><P>Basically, you can not use EAP kind authentication on supplicant while your ISE uses LDAP as external identity store. Cisco officially says it only support EAP-GTC and PAP with LDAP. EAP-TLS has nothing to do with LDAP at authentication stage as the supplicant and ISE itself need to trust each other.</P><P>&nbsp;</P><P>We also spent a lot of time on central administrator authentication with LDAP with ISE local authorisation as we do not have the group attributes in our LDAP ISE wants for the administrators, and it turns out that ISE simply does not support it.</P> Thu, 08 Jan 2015 00:56:48 GMT https://community.cisco.com/t5/wireless/ise-peap-ldap/m-p/2237330#M67626 networkguy13111 2015-01-08T00:56:48Z