10-29-2013 02:32 PM - edited 07-04-2021 01:10 AM
Right now we're using WPA2 - PSK; and although it works flawlessly, I hate having to touch every single device to connect it to the WLAN.
I'm looking for something that will allow a user to login to a laptop; and have them select the prod wlan, and will authenticate them based on their LDAP settings or something.
So, right now, if a laptop has never been setup to connect to the prod WLAN, no users can login to that laptop. If I have a newly configured laptop; I want whoever is in our AD to be able to login to it without having to have me assist them.
Whats the best way to go about this?
Is it EAP-Fast with LDAP?
Thanks!!
10-29-2013 02:36 PM
all depends. If these are Domain machines, you could use a GPO to push out the wireless config.
If they are not, then PEAP would be the best, as it is suppported by all operating systems, and EAP-FAST is not. The downside is there could still be some manual intervention needed to configure the supplicant.
HTH,
Steve
------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered
10-29-2013 02:38 PM
99% of the machines would be domain machines. With that said, I could use a GPO to push something out. Knowing that, what would work best in my scenario?
Thanks!!
10-30-2013 08:18 AM
It depends, if you have a AAA server PEAP. If you don't have one running WPA2/PSK will work as well.
With PEAP password will be using the AD/LDAP and follow that change policy
HTH,
Steve
------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide