03-15-2011 11:27 AM - edited 07-03-2021 07:57 PM
Hello!
Dear all, I have some problems integrating a WLC 4400 with AD using LDAP.
The WLC LDAP server and the WLAN for Web Authentication are configured according to
http://www.cisco.com/en/US/products/ps6366/products_configuration_example09186a0080a03e09.shtml#C2
When I connect to the SSID, the laptop is given an IP address, and then I can see the web page with
login and pass. It seems to be OK, but when I enter the login and pass it tells me that
it's incorrect.
The attributes of the LDAP server:
Server Address *.*.*.*
Port Number 389
User Base DN ou=ORG,dc=domain,dc=local
User Attribute userPrincipalName
User Object Type Person
The test user is located in the AD folder ORG, but this folder also contains a lot of subtrees.
There are some questions:
1) Is it obligatory to use the value "Authenticated" in the Simple Bind option, or can it be Anonymous?
2) Is the controller capable of searching for users located in User Base DN subtrees?
Here is some debug from the controller:
667: LDAP_CLIENT: UID Search (base=.....
669: LDAP_CLIENT: ldap_search_ext_s returns 0 85
669: LDAP_CLIENT: Returned 1 msgs including 0 references
669: LDAP_CLIENT: Returned msg 1 type 0x65
669: LDAP_CLIENT : No matched DN
669: LDAP_CLIENT : Check result error 0 rc 1013
669: LDAP_CLIENT: Received no referrals in search result msg
669: LDAP_CLIENT: Received 1 attributes in search result msg
669: ldapAuthRequest [1] called lcapi_query base="ou=ORG,dc=domain,dc=local" type="Person" attr="userPrincipalName" user="test@domain.local" (rc = 0 - Success)
669: Handling LDAP response Authentication Failed
670: 00:1d:e0:a1:73:2f Returning AAA Error 'Authentication Failed' (-4) for mobile *MAC-address*
670: AuthorizationResponse: 0x31b6e2d0