
New install - LDAP Auth

cgbenne42
Community Member

Hey all!

I'm setting up a new deployment and cannot get LDAP working for a secured wireless network.

I added an AD account to the top of the Users OU and set it to the following in the LDAP Admin field:

cn=meraki,dc=Users,dc=intra,dc=domain,dc=gov

When I input the correct username and password for a test, I just hit the following error:

image.png

I'm able to ping the internal DC address from the AP with no issues.

Could somebody point me in the right direction for this one?

-Chloe

1 Accepted Solution

mloraditch
Meraki Community All-Star

Are you able to do an LDAP bind using those creds from a PC on the same subnet as the APs? You can use the LDP tool to test: https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/cc771022(v=ws.11)

It's also quite possible there is a cert issue. You might need to use port 636 instead. Packet captures can really help with diagnosing LDAP connectivity issues. You may want to capture the transaction on your server's NIC to verify the traffic is being received and what is happening.
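The bind-and-certificate check described in the accepted answer, scripted so it can be repeated from a Windows host on the same VLAN as the APs. This is an added example, not code from the thread, from Meraki or from Microsoft; it uses the System.DirectoryServices.Protocols assembly that ships with .NET on Windows, and the server name and bind DN are placeholders to replace. Unlike a default LDP bind (which uses Negotiate and your logged-on identity), it performs a simple bind with the account's DN, which is what the AP does, and it prints the certificate the DC actually presents together with the local chain-validation result, since that is where a "cert issue" normally shows up (untrusted issuer, expired certificate, or a name that does not match what the client connected to). One caveat on the DN: the default Users container in AD is a CN, not a domain component, so an account created there has a DN of the form cn=meraki,cn=Users,dc=intra,dc=domain,dc=gov. Port 636 gives LDAPS; any other port makes the script use STARTTLS, which matches the KB note that the MRs use secure LDAP over TLS even when 389 is configured.

```powershell
# Added example (not from the thread or from Meraki): reproduce the AP's secure LDAP bind from a
# Windows host and show the DC certificate plus the local chain-validation result.
# Every value marked "assumption" is a placeholder for your own environment.

Add-Type -AssemblyName System.DirectoryServices.Protocols

$Server = 'dc01.intra.domain.gov'                         # assumption: DC FQDN or IP, exactly as the AP is configured
$Port   = 636                                              # 636 = LDAPS; any other port = STARTTLS on that port
$BindDn = 'cn=meraki,cn=Users,dc=intra,dc=domain,dc=gov'  # assumption: the Users container is a CN, not a DC

$id   = New-Object System.DirectoryServices.Protocols.LdapDirectoryIdentifier($Server, $Port)
$conn = New-Object System.DirectoryServices.Protocols.LdapConnection($id)
$conn.AuthType = [System.DirectoryServices.Protocols.AuthType]::Basic   # simple bind with a DN, like the AP
$conn.SessionOptions.ProtocolVersion = 3

# Called during the TLS handshake with the certificate the DC really sent. Print what any client
# would have to trust, then return the genuine chain result. Do NOT hard-code $true here: that
# accepts any certificate and hides the very problem being diagnosed.
$conn.SessionOptions.VerifyServerCertificate = {
    param($connection, $certificate)
    $cert = [System.Security.Cryptography.X509Certificates.X509Certificate2]$certificate
    Write-Host "Subject : $($cert.Subject)"
    Write-Host "Issuer  : $($cert.Issuer)"
    Write-Host "Valid   : $($cert.NotBefore) to $($cert.NotAfter)"

    # subjectAltName (OID 2.5.29.17): pull the DNS and IP entries out of the formatted text.
    $sanNames = @()
    $san = $cert.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.17' } | Select-Object -First 1
    if ($san) {
        $sanNames = [regex]::Matches($san.Format($false), '(?:DNS Name|IP Address|DNS|IP)[=:]\s*([^,\s]+)') |
                    ForEach-Object { $_.Groups[1].Value }
    }
    Write-Host "SANs    : $(if ($sanNames) { $sanNames -join ', ' } else { '(none)' })"

    # Chain building against the local machine's trust store (revocation skipped for a quick test).
    $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
    $chain.ChainPolicy.RevocationMode = [System.Security.Cryptography.X509Certificates.X509RevocationMode]::NoCheck
    $trusted = $chain.Build($cert)
    foreach ($s in $chain.ChainStatus) {
        Write-Host "Chain   : $($s.Status) - $($s.StatusInformation.Trim())"
    }

    # Build() does not compare the name we connected to with the certificate; do that explicitly.
    # Exact match only: wildcard names are not expanded here.
    $names  = @($cert.GetNameInfo([System.Security.Cryptography.X509Certificates.X509NameType]::DnsName, $false)) + $sanNames
    $nameOk = $names -contains $Server
    Write-Host "Name    : '$Server' present in certificate = $nameOk"
    return ($trusted -and $nameOk)
}

$cred = Get-Credential -UserName $BindDn -Message "Password for $BindDn"
$conn.Credential = $cred.GetNetworkCredential()

try {
    if ($Port -eq 636) {
        $conn.SessionOptions.SecureSocketLayer = $true          # LDAPS: TLS from the first byte
    } else {
        $conn.SessionOptions.StartTransportLayerSecurity($null) # STARTTLS on a plaintext port such as 389
    }
    $conn.Bind()                                                # TLS handshake (for LDAPS) and simple bind happen here
    Write-Host "Bind succeeded as $BindDn (${Server}:${Port})"
} catch [System.DirectoryServices.Protocols.LdapException] {
    # 49 = invalidCredentials (DN or password problem); 81 = server down, which is what a rejected
    # certificate or a closed port looks like from the client side.
    Write-Host "LDAP error $($_.Exception.ErrorCode): $($_.Exception.Message) $($_.Exception.ServerErrorMessage)"
} catch {
    Write-Host "Connection failed: $($_.Exception.GetType().Name): $($_.Exception.Message)"
} finally {
    $conn.Dispose()
}
```

If the bind fails with error 81 and the callback printed a chain or name problem, the DC certificate is the thing to fix, not the Meraki configuration. For the server-side capture the answer recommends, a Wireshark display filter such as `tcp.port == 636 && tls.alert_message` (the field is `ssl.alert_message` in older Wireshark releases) isolates the TLS alert that a failed handshake produces.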


aleabrahao
Meraki Community All-Star

1. Enter the IP address of your LDAP server in the Host field and the LDAP listening port, which is normally 389, in the Port field.
   Note: Cisco Meraki APs (MRs) will use Secure LDAP over TLS.
2. For LDAP admin, enter the distinguished name of the administrative account to be used by the AP to bind to your LDAP server, for example cn=admin,dc=example,dc=com, and the password.

https://documentation.meraki.com/MR/MR_Splash_Page/Configuring_Splash_Page_Authentication_with_an_LDAP_Server


cgbenne42
Community Member

I've entered it correctly as indicated by the KB, shown in my screenshot above, but the AP keeps failing to connect.

cgbenne42
Community Member

I placed my laptop on the wireless VLAN and LDP works perfectly with the dedicated meraki account in AD. I'll see if the traffic is passing in Wireshark, but the initial testing with LDP shows a valid and successful connection.

cgbenne42
Community Member

After installing Wireshark and watching the traffic, I noticed an SSL/TLS error that led me to the KB article below. It was the issue outlined in the article that directed me to a cert issue I had to fix.

Active Directory Issue Resolution Guide - Cisco Meraki Documentation

This one is good to go.

@mloraditch you sent me down the right path!
