Thanks Abhishek,Ok I get the

bbiandov · ‎11-19-2014

Hi everyone,

The WLC works just fine using web authentication against AD using LDAP. No complaints there.

However I can't figure out how to specify multiple User Attributes. Right now I use "sAMAccountName" but I want to use more than one concurrently. By concurrently I mean the following desired result: web auth form COULD collect either the full e-mail address OR the "sAMAccountName" OR the "userPrincipalName" and the user is still authenticated while all of those are tried until something comes back as successful with the password provided by the user.

I attempted to do multiple definitions of the same AD server but using different User Attributes and WLC won't allow that. It says only one LDAP definition per server IP.

Any ideas will be appreciated!

Abhishek Abhishek · ‎02-04-2015

Hello Boyan, i am sorry to say that this feature is still not available in WLC that will allow to do multiple definitions of the same AD server but using different User Attributes.

It will only allow one LDAP definition per server IP.

bbiandov · ‎02-05-2015

Thanks Abhishek,

Ok I get the limitation of one definition per IP; that's fine let's say I have few different AD servers which means I can have multiple IPs with multiple definitions. How do you configure the WLC to "hunt" so that all IPs are attempted before an error is returned to the supplicant???

I have tested this and it doesn't work; the first failure and the WLC stops hunting and returns authentication failure?

Thank you

WLC; web auth; LDAP to AD works but how do you control attribute matching?