Product and Software: This article applies to all Aruba controllers and ArubaOS versions.
To configure an LDAP server in an Aruba controller, follow these steps:
1) Under Authentication > Servers, add the LDAP server's IP address with the Admin DN and Base DN.
A) Enter the IP address of the LDAP server.
B) Enter the admin DN: The distinguished name for the admin user who can search for the LDAP server. CN=Admin-name,CN=Users,DC=department-name,DC=domain-name,DC=com
C) Enter the base DN: The distinguished name of search for the LDAP server. CN=Users,DC=qa,DC=domain,DC=com
D) Click the "Allow clear text" option when using LDAP with port numbers 389 and uncheck it when used LDAPS (secured with port 636).
2) Add the LDAP server to the server group. Fail through can be enabled if more than one LDAP server is available in the network.
3) Map the aaa profile in the dot1x authentication server group with the server group created. Note: It is always better to create a new server group instead of using the default server group.
4) Enable the termination in the controller with eap-peap and eap type as eap-gtc and no machine authentication as for now.
5) Confirm that the connectivity is good by testing with aaa test server only with pap as the authentication method.
Aruba provides a plug in to Windows Wireless Zero Config to support EAP-PEAP/GTC. https://support.arubanetworks.com/TOOLSRESOURCES/tabid/76/DMXModule/514/EntryId/114/Default.aspx