Controllerless Networks

Hi guys,

I have a issue. I've got LDAP authentication working but i need to point to the specific CN for Base-DN (See below).

The thing is the AD has all the users scattered across a _lot_ of OUs and this is a problem for me. If I remove CN=Users and leave DC=xxx,DC=com then it won't work.

Is there any way to recurse through the entire AD and if there is what should be in the Base-DN.

Also, the GTC token thing doesn't work for Windows 10. In Windows 7 I'm able to authenticate but the connection will fail in Windows 10. Some assistance here would be much appreciated :)

Thanks in advance!

Daniel

You would deal with a majority of your issues (having to install EAP-GTC, having to figure out what container to authenticate users to), if you switch to using a radius server, instead...

Typically you should just be able to use DC=Com, DC=Domain, but you might have to enable ldap debugging on your LDAP server to determine what is wrong.

Again, switching to radius for 802.1x is a better way to do encryption and it provides more opportunities for troubleshooting.

Hi Colin,

Thanks for replying. However the end does not want to use a Radius... we got to find a way to recurse through the OUs somehow.

Anyone has any ideas? Since the end user doesn't want a radius server...

Any assistance greatly appreciated.

TIA :)

Well,

I am waiting for someone who still uses LDAP to answer...

yea i know it's a long shot, but it's worth a try......

thanks Colin. appreciate it.

You can try using the plugin ldp.exe to find out the base DN for the OU you are interested in & then check if that helps

thanks...