cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
552
Views
0
Helpful
7
Replies
Highlighted
Explorer

2504 LDAP for devices

How can I setup the WLC to accept authentication based on the device itself and not a user?

7 REPLIES 7
Highlighted

Do you have an AAA server that you will be backending to for the machine accounts?

the config on the WLC doesn't change if you do.  It all depends on the EAP config you have on the AAA server.

HTH,
Steve

-----------------------------------------
Please remember to rate useful posts, and mark questions as answered

HTH, Steve ------------------------------------------------------------------------------------------------ Please remember to rate useful posts, and mark questions as answered
Highlighted

Can you plz clarify more

What is the auth type that you want to use?

Sent from Cisco Technical Support iPad App

Rating useful replies is more useful than saying "Thank you"
Highlighted

Customer wants to authenticate against LDAP based on the device itself, not any particular user. He has the computers in AD that he wants to have access to the wireless with, some are Windows CE type devices.  He has Windows Server 2003.

Highlighted

LDAP to AD does not work well from the WLC, as AD stores the password in a non-reversable format.

You'd be better off promoting the 2k3 server to run IAS and doing the authentication from there.

HTH,
Steve

-----------------------------------------
Please remember to rate useful posts, and mark questions as answered

HTH, Steve ------------------------------------------------------------------------------------------------ Please remember to rate useful posts, and mark questions as answered
Highlighted

I guess you mean machine authentication, not user authenticatoin, right?

the answer will be "No". This is not supported with LDAP unfortunately.
You need to enter the username and the password to authenticate.
If you want machine authentication you can use MS IAS/NPS or Cisco ACS.

HTH

Amjad

Rating useful replies is more useful than saying "Thank you"
Highlighted

Yes, Machine auth. So is there a good example based on Windows, and not ACS? Customer is not going to purchase an ACS for this.

Highlighted

Well, you better visit microsoft forums and ask there. It is almost a checkbox to check in the NPS policies to enable machine authentication but I have no idea how to go to that piece of configuration.

HTH

Amjad

Rating useful replies is more useful than saying "Thank you"