Integrating Aruba WLAN with multiple LDAP servers
I have two Windows Servers (2003 and SBS). Each is its own domain as one is for parish employees and one is for the school. (No, not ideal.) They are both on the same subnet and share the same gateway.
Can I create a couple SSIDs... say one for students and one the parish employees? During config, the student SSID would look for the LDAP of the school server and the parish employee SSID would look to the SBS's LDAP?
There aren't too many of the church employees and probably less that would use wi-fi, but it would be great if I could configure it this way.
Sure, the Aruba solution can be set up in the manner you are requesting. There are multiple ways to do this, with one approach being:
1. Create two Virtual AP profiles, each with an SSID and a AAA profile. So this would give you seperate networks.
2. The AAA profiles are the spot where the authentication servers are configured for each network.
3. In the case of the student SSID, have the student LDAP specified in the AAA Profile/Servergroup.
4. In the case of the employees, have the reverse...the employee LDAP specified.
5. Configure the AP group of the access points to advertise each of these virtual APs.
We use this same setup, we have a faculty, corp, student and guest SSID being broadcasted. The student SSID goes to one domain and the faculty/corp goes to another. Although we use RADIUS instead of LDAP.
One thing I'm in the process of planning is a new deployment for our SSIDs to have just a SSID and a Guest network. It will then try the first RADIUS server (a student RADIUS server) and if it fails it goes to the next (corp/faculty RADIUS server).
The nice thing with this is there is less confusion about what to connect to and it cuts down the number of SSID advertisements you are doing!