ArubaOS and Controllers

Reply
Contributor II

Ldap autehtication

HI

MY CUSTOMER ITS USING ACTIVE DIRECROTY, how can i autenticate via LDAP?
what do i need to do on the Controller?
Aruba Employee

Re: Ldap autehtication

You may find it easier to install IAS and run to RADIUS rather than directly connecting to LDAP. Chapter 9 in the user guide goes over how to configure authentication servers, have you looked at that?

-awl
Andy Logan, ACDX
Director, Strategic Account Solutions
Aruba Networks
Contributor II

Re: Ldap autehtication

im on page 277 ArubaOS 5 802.1x =)

So i undestrand it is necesarily to use autentication before access?
Cannot configure to forward all the users without atuhenticartion?


But i have another problem, the RAP is UP, the DHCP server is in controller and working, i wan to connect the user on the wired side of the RAP5WN in the RAP Group is already configured the port profile to split tunerl and port Acces VLAN 20, the vlan 20 is confogured in the conroller with an IP and UP, but the user on the wired side cannot connecto to hte DHCP server, and the SSID is not broadcasting in the VAP it is configures the SSID and the acceess vlan, what can be wrong?
Aruba

Ldap autehtication

You can configure ports to 'forward without authentication' by configuring it as 'trusted'. You can forward all users on an SSID without authentication by setting the 'initial role' to 'authenticated'.
Contributor II

Re: Ldap autehtication


You can configure ports to 'forward without authentication' by configuring it as 'trusted'.



for trusted only must be on tunnel mode and carry all the trafic back to the controller.





This apply to the wired port of the RAP5WN?
i have something weird i have configured the SSID, VLAN on the RAP but for some reason the RAP does not broadcasting the SSID and the led its green of the 2.4 ghz, and if i switch to AM mode it works fine, what can be wrong?

Aruba Employee

Re: Ldap autehtication

Lets keep your threads separated, you have another thread for your SSID already running so let's deal with that one on that thread.

As Jason mentioned you can have your ports setup to allow anyone in by simply making them trusted. Obviously this is not secure so anyone who gains physical access to the RAP gets on your network.

If you still have questions, please explain from the port level what it is you are trying to accomplish. That will help us get you answers that are more directed.

-awl
Andy Logan, ACDX
Director, Strategic Account Solutions
Aruba Networks