Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
692
Views
5
Helpful
1
Replies

AD and WLAN authentication

Go to solution
oneirishpollack
Level 1
Level 1

‎10-04-2011 10:56 AM - edited ‎07-03-2021 08:52 PM

We currently have a 4402, AD, and an ACS server.

I would really like to authenticate staff/faculty on the employee WLAN using their existing AD accounts.

How hard, easy, or possible is this? Any drawbacks to using Windows AD versus a local DB on the wireless lan controller or the ACS?

What are the big picture steps it it makes sense to do it this way (using AD).

Thanks.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
George Stefanick
VIP Alumni
VIP Alumni

‎10-04-2011 11:05 AM

Big picture -- use AD as your means of authentication of your users within your wireless network.

When doing local accounts on ACS it can be a burden to the admin having to manage ACS account of the users. And when they leave someone will have to disbale their account.

On the WLC you will have limitations and the WLC isnt designed for such a task especially for large deployments. Also if you ever want to do AD radius attributes, you will have the pieces in place to do so in the future with AD.

It is pretty easy to set up. You will create a relationship between your ACS server and your AD. Depending on the version of ACS will depending how its configured, of course.

Almost all enterprises use AD for wireless user authentication.

I hope this helps ...

If you find this helpful dont forget to rate post! If you have otehr question -- fire away!

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________

View solution in original post

1 Reply 1

Go to solution
George Stefanick
VIP Alumni
VIP Alumni

‎10-04-2011 11:05 AM

Big picture -- use AD as your means of authentication of your users within your wireless network.

When doing local accounts on ACS it can be a burden to the admin having to manage ACS account of the users. And when they leave someone will have to disbale their account.

On the WLC you will have limitations and the WLC isnt designed for such a task especially for large deployments. Also if you ever want to do AD radius attributes, you will have the pieces in place to do so in the future with AD.

It is pretty easy to set up. You will create a relationship between your ACS server and your AD. Depending on the version of ACS will depending how its configured, of course.

Almost all enterprises use AD for wireless user authentication.

I hope this helps ...

If you find this helpful dont forget to rate post! If you have otehr question -- fire away!

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card