How to add External Authentication source to CPPM

Aruba Employee
Aruba Employee

Introduction : This is used to authenticate users using Captive Portal or Dot 1 x as well as in Tacacs service to authenticate users on network devices including ClearPass and Airwave.

Note: If  EAP-PEAP with MSCHAPv2 will be used, then CPPM will need to be joined to the domain as well.
Please refer for details about this.


Environment : This article is written on CPPM 6.x


Configuration Steps : How to find the Bind DN for a user for Active Directory.

1: C:\Users\Administrator>dsquery user
This will return the bind DN for each users.
C:\Users\Administrator>dsquery user

We can use any bind DN based on the privileges we need.

Configuration on CPPM.

 Navigate  to Configuration – Authentication – Sources and click “Add Authentication Source"


Fill in the details below and hit "Next".


Fill in the details below:


Hostname : Provide the IP or the Hostname of the AD server.
Connection Security : We can choose from the drop down.
Port : 389 by default.
Verify Server Certificate : This option is not required to be enabled if port 389 is selected by default.
Bind DN :  Bind DN can be fetched from the Active directory by running the command below on the Windows server CLI.
C:\Users\Administrator>dsquery user
OR Bind DN can be entered just as

After entering the aove details click on " Search Base Dn"

It will open up a new window as below.


Select the correct Base DN and hit Save. After Save, hit "Next"

We can add/remove attributes based on our requirements. This can be used later to authenticate a specific group of users with a common attribute to a given role.

Click Next.


Hit "Save" and exit.

We have successfully added the Active directory as an authentication source.

Version history
Revision #:
1 of 1
Last update:
‎07-18-2014 05:41 AM
Updated by:
Search Airheads
Showing results for 
Search instead for 
Did you mean: