03-22-2017 09:20 AM - edited 04-02-2017 11:18 PM
I have a issue. I've got LDAP authentication working but i need to point to the specific CN for Base-DN (See below).
The thing is the AD has all the users scattered across a _lot_ of OUs and this is a problem for me. If I remove CN=Users and leave DC=xxx,DC=com then it won't work.
Is there any way to recurse through the entire AD and if there is what should be in the Base-DN.
Also, the GTC token thing doesn't work for Windows 10. In Windows 7 I'm able to authenticate but the connection will fail in Windows 10. Some assistance here would be much appreciated :)
Thanks in advance!
03-22-2017 10:56 AM
You would deal with a majority of your issues (having to install EAP-GTC, having to figure out what container to authenticate users to), if you switch to using a radius server, instead...
Typically you should just be able to use DC=Com, DC=Domain, but you might have to enable ldap debugging on your LDAP server to determine what is wrong.
Again, switching to radius for 802.1x is a better way to do encryption and it provides more opportunities for troubleshooting.
Aruba Customer Engineering
Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base
04-19-2017 11:14 PM
thanks... but the thing is.... they have like 60+ companies in the group and each of them has their own AD structure. so the users are scattered across all these OUs and are in multiple CNs, and they would like to recurse through the whole thing when a user logs in.