Controllerless Networks

Reply
New Contributor

LDAP server config with Instant

Hi everyone,

 

I am working with a customer to deploy an Instant cluster using their existing AD for user authentication. They have configured the cluster but are having problems authenticating. They have configured the WLAN to use LDAP for authentication, and have tested the AdminDN account succesfully. I am by no means an AD or LDAP expert so I am a bit stumped. 

 

They have users in several OUs under their main DC. When they configure: 

dc=customerdc,dc=inc

in the BaseDN field, the auth fails and they get an "ldap_search() failed: Operations error" message in the log.

 

When they configure:

ou=customerou,dc=customerdc,dc=inc

in the BaseDN field, authentication works for users in that specific OU.

 

Does anyone know how to configure this so that all users in all OUs under the main DC will authenticate?

 

Thanks,

Chris

Guru Elite

Re: LDAP server config with Instant

Try to configure the base DN as only dc=customerdc,dc=inc


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.3 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
New Contributor

Re: LDAP server config with Instant

Hi cjoseph - we did that originally and that config produced the error as noted. Only with an additional OU listed did the auth work. Any idea why that might be?

Guru Elite

Re: LDAP server config with Instant

I do not.

 

Are they using LDAP with Captive Portal pointing at AD?  If so using Radius to NPS instead could allow us to sidestep that, if you want to try it.


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.3 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Occasional Contributor II

Re: LDAP server config with Instant

I am trying to configure LDAP authentication server also. Where I can see log, currently all is configured properly I think but still windows7 is kicking me out. I cannot find where is the log for that authentication service.

MVP

Re: LDAP server config with Instant

Hello!

 

You respond to a 5 year old topic - might be better of creating your own. Instant with LDAP has been discussed many times with more recent information.

 

For debugging - try the instant web training module 5. Here you will get information on how to troubleshoot the EAP process. More specifically between 4 and 7 minute..

 

http://www.arubanetworks.com/products/networking/aruba-instant/instant-training/

 


Regards
John Solberg

-ACMX #316 :: ACCX #902 :: ACSA
Aruba Partner Ambassador
Intelecom/NetNordic - Norway
----------------------------
Remember to Kudo if a post helped you! || Problem Solved? Click "Accept as Solution" in a post!
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: