Wireless Access

 View Only
last person joined: 18 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

MSM760 Controller - Active Directory authentication

This thread has been viewed 0 times

  • 1.  MSM760 Controller - Active Directory authentication

    Posted Jun 28, 2012 08:14 AM

    Hello!

     

    I need help configuring my MSM760 for Active Directory authentication, I've succesfully joined a domain and activated the default Active directory groups on my controller. 

     

    I configured the VSC to use 802.1X authentication and checked in the box for Active Directory authentication.

     

    When I try to connect to the network I get the error message "Network authentication failed because of a problem with the user account".

     

    This is my first time working with this type of solution, any kind of tip that would point my in the right direction would be highly appreciated!

     



    #ActiveDirectory
    #msm
    #msm760
    #AD
    #Controller


  • 2.  RE: MSM760 Controller - Active Directory authentication

    Posted Jul 08, 2012 07:40 AM

    Try the below link from HP, has full details about Active Directory configuration, it is an old one but still valid:

     

    http://h20000.www2.hp.com/bizsupport/TechSupport/CoreRedirect.jsp?redirectReason=DocIndexPDF&prodSeriesId=3963981&targetPage=http%3A%2F%2Fbizsupport2.austin.hp.com%2Fbc%2Fdocs%2Fsupport%2FSupportManual%2Fc02634578%2Fc02634578.pdf

     



  • 3.  RE: MSM760 Controller - Active Directory authentication

    Posted Jul 09, 2012 09:51 AM

    Hi, thanks for the answer!

     

    However I'm still having problems, maybe I should have mentioned in the OP that I'm running against a Samba 4 Domain aswell.

     

    On the supplicant I ran: netsh ras set tracing * enabled. Everything seems to be fine until the end of the log when I recieve the following error:

     

    [13660] 07-09 12:25:38:425: Success received...
    [13660] 07-09 12:25:38:426: Done :)
    [13660] 07-09 12:25:38:426: GetClientMPPEKeys
    [7996] 07-09 12:25:38:506: EapMSChapv2MakeMessage
    [7996] 07-09 12:25:38:506: EapMSChapv2CMakeMessage (\administrator)
    [7996] 07-09 12:25:38:506: EMV2_CHAPAuthSuccess
    [7996] 07-09 12:25:38:506: EapMSChapv2CMakeMessage: rcvd invalid pk, code: 4, expecting 3
    [7996] 07-09 12:25:38:542: EapMSChapv2End
    [7996] 07-09 12:25:38:542: ChapEnd

     

    I've googled my heart out on this problem but have yet to find anything usefull, maybe Samba is just not supported by the controller?

     

    Thanks again for the help!

     

     

     



  • 4.  RE: MSM760 Controller - Active Directory authentication

    Posted Jul 10, 2012 06:32 AM

    Samba... it's a good guess.

     

    the controller do ldap query to specific attribute (MsNPAllowDialin) in ad, that i don't think are implemented by samba.

     

    i wolu try to find a you can che have a radius implementation that interface with the samba AD, like IAS do with Microsoft AD.