Wireless Access

Reply
New Contributor
Posts: 3
Registered: ‎07-03-2013

LDAP Authentication Problem

I am trying to setup LDAP with Airwave 7.5 to allow users to login and be given a role based on a group membership.

 

In Active Directory I have set up 2 security groups one called AMP-Admin and AMP-User, then when the users logs in they will be given the relevant rights based on the group they belong to. The trouble I am having is forming the correct setup for the LDAP to look at the groups a user is a member of and then if they belong to either group they can log in and be give the correct role.

 

Airwave is something new to me but I managed to get a simple test to work using the Description field in the user account.

Moderator
Posts: 1,252
Registered: ‎10-16-2008

Re: LDAP Authentication Problem

This thread may prove helpful:

http://community.arubanetworks.com/t5/AirWave/Airwave-7-5-and-LDAP-authentication/m-p/48858/highlight/true#M966

 


Rob Gin
Senior QA Engineer - Network Services
Aruba Networks, a Hewlett Packard Enterprise Company
New Contributor
Posts: 3
Registered: ‎07-03-2013

Re: LDAP Authentication Problem

I have already gone through that thread but it doesn't help. All i am trying to do is look to see if there user trying to login is a member of one of two groups. If they belong to the Admin group then they login with an Admin Role, if they belong to a user group they login with a user role and if they do not belong to either group they cannot log on.

 

My LDAP connection works fine with a very simple setup but after that it fails every time with the error log telling me too many results were returned. I want to to say the Role Attribute is AMP-Admin or AMP-User but the information I can find in the user manual is limited and doesn't help.

Moderator
Posts: 1,252
Registered: ‎10-16-2008

Re: LDAP Authentication Problem

Let me look into this further.  I will update when I have more info.


Rob Gin
Senior QA Engineer - Network Services
Aruba Networks, a Hewlett Packard Enterprise Company
Aruba Employee
Posts: 15
Registered: ‎04-03-2013

Re: LDAP Authentication Problem

When you setup your user on the AD, under properties, the name you provide for the Department under the Organization tab needs to match the role you provide an AirWave. Then the role matching will happen correctly and the the user that logs in to AirWave will get that role you configured on on AMP Setup > Roles. Let us know if you still have issues authenticating. 

New Contributor
Posts: 3
Registered: ‎07-03-2013

Re: LDAP Authentication Problem

I can authenticate a user using the Description field with the account in AD, but this is not a useful solution. I want to authenticate the user based on a Security group membership. Rather than have to modify user account description fields I want to make them members of a secuirty group and authenticate against membership of that group.

Aruba Employee
Posts: 15
Registered: ‎04-03-2013

Re: LDAP Authentication Problem

Shayne, I got it. Unfortunately this is not supported in AirWave as of now, but we have plans to implement this in a future AirWave release. 

Moderator
Posts: 1,252
Registered: ‎10-16-2008

Re: LDAP Authentication Problem

Good find Sameer.

 

Shayne,

The current limitation is that AirWave does not consume group membership from LDAP, only the Description field is gathered.  The feature to process group membership is currently in the future release bucket.  To increase the chance of the feature getting implemented sooner than later, upvote the feature in the ideas portal on the support site, or file a new feature request in the ideas portal (if the existing one is hard to find).


Rob Gin
Senior QA Engineer - Network Services
Aruba Networks, a Hewlett Packard Enterprise Company
Occasional Contributor II
Posts: 23
Registered: ‎10-14-2013

Re: LDAP Authentication Problem

Has LDAP authentication been resolved in the lastest version of AirWave?

 

 

Search Airheads
Showing results for 
Search instead for 
Did you mean: