Wireless Access

Reply
New Contributor
Posts: 1
Registered: ‎11-22-2012

Aruba LDAP authentication

Hello,I try to link  Aruba Controller with LDAP Server(Windows2008) for authenticating Active Directory User.

 

Configuring aaa-authentication-server as ldap, it shows " authentication failed" on executing "aaa query user" from console.

When I see the result of "show aaa authentication-server statistics", all statistics shows 0.

Considering those statistics, I'm afraid that there may be any wrong configurations.

Can anyone show what gives wrong configuration ?

 

I configure LDAP Server as follows:

------------------------------------------------

aaa authentication-server ldap "win2008"
   host 192.168.1.124
   admin-dn "administrator"
   admin-passwd 731e5a97ee42c61d372fdcf9f3bb9288886df767ef25a742
   base-dn "CN=Users,DC=test-domain,DC=com"

 

aaa server-group "ldap"
 auth-server win2008

 

aaa profile "ldap-test"
   authentication-dot1x "ldap-test"
   dot1x-server-group "ldap"

-------------------------------------------------

 

When I execute a query command.

-------------------------------------------------

(Aruba620) #aaa query-user win2008 Administrator

Authentication failed

-------------------------------------------------

 

When I execute a statistics command.

-------------------------------------------------

(Aruba620) #show aaa authentication-server ldap statistics

LDAP Server Statistics
----------------------
Statistics             win2008
----------             -------
Login Requests         0
Login Success          0
Login Failure          0
Login Timeout          0
Total Unbind Requests  0
  - Reason: Timeout    0
AvgRespTime (ms)       0
Uptime (d:h:m)         0:0:0

--------------------------------------------------

(Aruba620) #show ver
Aruba Operating System Software.
ArubaOS (MODEL: Aruba620), Version 6.1.2.8
Website: http://www.arubanetworks.com
Copyright (c) 2002-2012, Aruba Networks, Inc.
Compiled on 2012-02-24 at 23:49:46 PST (build 32519) by p4build

ROM: System Bootstrap, Version CPBoot 1.0.0.0 (build 23274)
Built: 2010-01-19 11:11:41
Built by: p4build@re_client_23274

 

Regards

Guru Elite
Posts: 20,773
Registered: ‎03-29-2007

Re: Aruba LDAP authentication

[ Edited ]

Try to double-check the password of the bind user (Administrator)

 

AAA query user does not authenticate any user,... it just pulls LDAP attributes, so it will not increase the AAA statistics counters.  To test the user, you should use:

 

aaa test-server pap win2008 (username) (password)

 

 

 

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

New Contributor
Posts: 1
Registered: ‎07-13-2015

Re: IAP to Controller

Hi

Customer is using IAP-93 and they want to convert as controller based ... also they goin to purchase new model AP's so wat type of controller can suggest ....


chanjya wrote:

Hello,I try to link  Aruba Controller with LDAP Server(Windows2008) for authenticating Active Directory User.

 

Configuring aaa-authentication-server as ldap, it shows " authentication failed" on executing "aaa query user" from console.

When I see the result of "show aaa authentication-server statistics", all statistics shows 0.

Considering those statistics, I'm afraid that there may be any wrong configurations.

Can anyone show what gives wrong configuration ?

 

I configure LDAP Server as follows:

------------------------------------------------

aaa authentication-server ldap "win2008"
   host 192.168.1.124
   admin-dn "administrator"
   admin-passwd 731e5a97ee42c61d372fdcf9f3bb9288886df767ef25a742
   base-dn "CN=Users,DC=test-domain,DC=com"

 

aaa server-group "ldap"
 auth-server win2008

 

aaa profile "ldap-test"
   authentication-dot1x "ldap-test"
   dot1x-server-group "ldap"

-------------------------------------------------

 

When I execute a query command.

-------------------------------------------------

(Aruba620) #aaa query-user win2008 Administrator

Authentication failed

-------------------------------------------------

 

When I execute a statistics command.

-------------------------------------------------

(Aruba620) #show aaa authentication-server ldap statistics

LDAP Server Statistics
----------------------
Statistics             win2008
----------             -------
Login Requests         0
Login Success          0
Login Failure          0
Login Timeout          0
Total Unbind Requests  0
  - Reason: Timeout    0
AvgRespTime (ms)       0
Uptime (d:h:m)         0:0:0

--------------------------------------------------

(Aruba620) #show ver
Aruba Operating System Software.
ArubaOS (MODEL: Aruba620), Version 6.1.2.8
Website: http://www.arubanetworks.com
Copyright (c) 2002-2012, Aruba Networks, Inc.
Compiled on 2012-02-24 at 23:49:46 PST (build 32519) by p4build

ROM: System Bootstrap, Version CPBoot 1.0.0.0 (build 23274)
Built: 2010-01-19 11:11:41
Built by: p4build@re_client_23274

 

Regards


Mani Kandan

Guru Elite
Posts: 20,773
Registered: ‎03-29-2007

Re: IAP to Controller

As said above, please double check the username and password of the bind user, to make sure that is correct.  Please also double check the fqdn of the base-dn.

 

Quite frankly, few people use ldap because on the ldap side there is little feedback about errors when they occur.  It is advised that the user deploy radius, instead for authentication, because it is more flexible and it has more straightforward support for encryption.



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
Showing results for 
Search instead for 
Did you mean: