I want to integrate Cisco WLC with Microsoft AD. I have got one document from the Cisco site, but it is not working.
Can anyone please provide me any link or configuration documentation?
The user will get the IP address from the WLC when the username and password get validated from the existing Microsoft AD.
I assume you want to use local EAP against Microsoft AD.
As far as I know, the WLC can only work with an LDAP database but not Microsoft AD.
Refer to this document:
LEAP, EAP-FAST/MSCHAPv2, and PEAPv0/MSCHAPv2 are also supported, but only if the LDAP server is set up to return a clear-text password. For example, Microsoft Active Directory is not supported because it does not return a clear-text password. If the LDAP server cannot be configured to return a clear-text password, LEAP, EAP-FAST/MSCHAPv2, and PEAPv0/MSCHAPv2 are not supported.
Nice point Arindam!!
Any RADIUS server in the middle will help you a lot to communicate with the AD, so that you can use most of the things. If not, use LOCAL EAP-FAST.
We cannot integrate AD directly without ACS (RADIUS) to the WLC. There is only one option, that is to go for LDAP, and the link posted by Raul in the beginning of the thread will let us know the limitations.
Let me know how this answers your question.
To be clear, integrating the WLC with the AD as an LDAP database will limit you to the methods not containing "mschapv2". For example: peap-gtc, eap-fast-gtc and eap-tls.