Showing results for 
Search instead for 
Did you mean: 

WLC 9800 to authenticate client from secure LDAP

Hythim Ali El Hadad
Frequent Contributor
Frequent Contributor


We need tointegrate our WLC 9800 with LDAP with mode secure on port 636

This is to authenticate our clients when connecting to SSID to enter domain credentials

We have finished below

1- got root cert from Microsoft team then I trusted it

2- Generate CSR thn signed by microsoft team CA server with template web server and base 64 encoding then we import it into WLC

3- Add LDAP server on WLC [with IP, port 636, user dn and base - but without attribute mapping that I don't know if it is required or not and what to use here]

4- add ldap group to include ldap server

5- add method list for authentication with type = login, group type = group , and this include ldap group

6- didn't create method list for authorization as I think it denied our access to login to the WLC GUI, so I delete it

7- Edit the wireless LAN security setting, Layer 2 = none  [open] , layer 3 checked web policy and select both auth parameter and auth list configured before

The problem is that when the client enter his domain credential after connecting to SSID , he got error [ Authentication server is unavailable] and I see error " auth failed, AAA server down " on WLC log

The client see the WLC virtual ip on the login web page

I checked "show ldap server all" on WLC nd found state is ALIVE with the configured LDAP parameters [ip, port 636, dn user ..]

What I'm missing here to get this work




2 Replies 2


Thanks for your answer
Yes I tired both links but isn't working
Only I didn't do anything for "Configuring a Dynamic Attribute Map on an SLDAP Server" as I don't know what is required here
Also There is strange problem, I see in packet capture on controller that the WLC trying to send search request to "" baseObject , while it should send the search request to "DC=abc,DC=com". Also I'm not finding the bind request with our bind user name from WLC to the LDAP. Although both search base and user base configured correctly


Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers