LDAP authentication through a web page

06-21-2018 08:58 AM - edited 07-05-2021 08:46 AM
Hi everybody,
It seems easy, but I am having some difficulty making it work. I'm trying to configure the WLC to let people get access to the network by using their LDAP credentials.
I configured a WLAN as follows:
Interface: Management
Security:
Layer 2: None
Layer 3: Web policy (Authentication)
Over-ride Global Config: Enable
Web Auth type: Internal (I want to change it later to use a customized page, not that important for now)
AAA servers:
Everything on default except for the LDAP server; I have the IP address there, and authentication using local and LDAP only
EAP profile: EAP (created)
Somehow I can't see any WLAN using my laptop (I was able to before doing these modifications), and by using my phone it worked, but the login is always incorrect even when using the correct username and password in the OU defined in the LDAP menu.
Do you guys have any input? What's the correct setup to follow to make it work?
I followed this guide, btw (Create WLAN That Relies On LDAP Server To Authenticate Users Through Internal WLC Web Portal): https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/211277-WLC-with-LDAP-Authentication-Configurati.html
Info: WLC: 2504
AP: AIR-AP1832I-E-K9
Thanks
Labels: Wireless Network Management
06-21-2018 10:24 PM
Please go through this guide:
Regards
Don't forget to rate helpful posts
06-22-2018 02:41 AM
06-22-2018 05:27 AM
Depending on the AD version, the WLC has to get some additional permissions to authenticate users on their behalf (I think 'enumeration' is the keyword).

06-28-2018 04:58 AM
I did exactly what is mentioned here: https://www.cisco.com/c/en/us/support/docs/wireless/4400-series-wireless-lan-controllers/108008-ldap-web-auth-wlc.html
I can say that the controller is well configured? It's maybe something at the LDAP server level?
06-28-2018 05:06 AM
In any case, I'd suggest you install a radius server and use radius for the user authentication.

06-28-2018 07:13 AM - edited 06-28-2018 07:17 AM
Yeah, it seems something is messed up there; some connections aren't established correctly... Here are some log messages confirming this while I'm using correct credentials:
*ewmwebWebauth1: Jun 28 15:19:41.072: %LOG-3-Q_IND: ldap_db.c:1082 Could not connect to LDAP server 1, reason: 49 (Invalid credentials).[...It occurred 2 times.!]
*LDAP DB Task 1: Jun 28 15:19:40.108: %AAA-3-LDAP_CONNECT_SERVER_FAILED: ldap_db.c:1082 Could not connect to LDAP server 1, reason: 49 (Invalid credentials).
*ewmwebWebauth1: Jun 28 15:02:22.747: %LOG-3-Q_IND: ldap_db.c:1082 Could not connect to LDAP server 1, reason: 49 (Invalid credentials).[...It occurred 2 times.!]
*LDAP DB Task 1: Jun 28 15:02:21.784: %AAA-3-LDAP_CONNECT_SERVER_FAILED: ldap_db.c:1082 Could not connect to LDAP server 1, reason: 49 (Invalid credentials).
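
The log lines quoted in the post above can be triaged mechanically. This is an added example, not part of the original thread and not Cisco code: it parses those WLC LDAP failure messages and maps the numeric reason to its RFC 4511 result code name. The regular expression is inferred from the four quoted lines only, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample input: the four WLC log lines quoted in the post above.
SAMPLE_LOG = """\
*ewmwebWebauth1: Jun 28 15:19:41.072: %LOG-3-Q_IND: ldap_db.c:1082 Could not connect to LDAP server 1, reason: 49 (Invalid credentials).[...It occurred 2 times.!]
*LDAP DB Task 1: Jun 28 15:19:40.108: %AAA-3-LDAP_CONNECT_SERVER_FAILED: ldap_db.c:1082 Could not connect to LDAP server 1, reason: 49 (Invalid credentials).
*ewmwebWebauth1: Jun 28 15:02:22.747: %LOG-3-Q_IND: ldap_db.c:1082 Could not connect to LDAP server 1, reason: 49 (Invalid credentials).[...It occurred 2 times.!]
*LDAP DB Task 1: Jun 28 15:02:21.784: %AAA-3-LDAP_CONNECT_SERVER_FAILED: ldap_db.c:1082 Could not connect to LDAP server 1, reason: 49 (Invalid credentials).
"""

# A few LDAP result codes from RFC 4511, Appendix A.
LDAP_RESULT = {
    8: "strongerAuthRequired", 32: "noSuchObject", 34: "invalidDNSyntax",
    48: "inappropriateAuthentication", 49: "invalidCredentials",
    50: "insufficientAccessRights", 52: "unavailable",
}

# Pattern inferred from the sample lines only (assumption, not a Cisco spec).
LINE_RE = re.compile(
    r"^\*(?P<task>[^:]+): (?P<ts>\w{3} +\d+ [\d:.]+): %(?P<msg>[A-Z_0-9-]+): "
    r".*?LDAP server (?P<server>\d+), reason: (?P<code>\d+) \((?P<text>[^)]*)\)\."
    r"(?:\[\.\.\.It occurred (?P<repeat>\d+) times\.!\])?"
)

def parse(log):
    """Return one dict per LDAP connect-failure line; other lines are skipped."""
    events = []
    for line in log.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            e = m.groupdict()
            e["server"], e["code"] = int(e["server"]), int(e["code"])
            e["repeat"] = int(e["repeat"] or 1)  # only Q_IND lines carry a count
            events.append(e)
    return events

def summarize(events):
    """Group by (server index, result code): RFC name, line count, timestamps."""
    out = defaultdict(lambda: {"name": None, "lines": 0, "times": []})
    for e in events:
        s = out[(e["server"], e["code"])]
        s["name"] = LDAP_RESULT.get(e["code"], "unknown")
        s["lines"] += 1
        s["times"].append(e["ts"])
    return dict(out)

if __name__ == "__main__":
    for (server, code), s in summarize(parse(SAMPLE_LOG)).items():
        times = sorted(s["times"])  # string sort is enough for same-day lines
        print(f"LDAP server {server}: result {code} ({s['name']}), "
              f"{s['lines']} lines from {times[0]} to {times[-1]}")
```

Result code 49 (invalidCredentials) means the directory rejected the DN and password presented in a bind, so the directory server's own logs for the same timestamps show which bind DN was refused.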
06-28-2018 07:21 AM

06-28-2018 09:27 AM
