Security

Reply
Highlighted
Occasional Contributor II

Active Directory Authentication for wireless users

A customer wants mobile users at a university to authenticate to join in the network by making the clearpass authenticate from the active directory using dot1x.

the mobile phones aren't joined the domain or anything, just the username and password that they will use to login are stored in the active directory, is this possible?

how different will it be if we are authenticating machines that are joined in the domain?

I am getting a bit confused.

thanks in advance

Highlighted
Guru Elite

Re: Active Directory Authentication for wireless users

The short answer is yes for mobile devices.  They connect rather easily.

 

For the domain devices you will probably want to use group policy to push the wireless profiles to domain computers.


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.5 User Guide
InstantOS 8.5 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Remote Access Point Solution Guide
ArubaOS Consolidated Release Notes
ArubaOS 8 ViA VPN Solution Guide
Highlighted
Moderator

Re: Active Directory Authentication for wireless users

This is the most common deployment of 802.1X. I'm not really sure what you're asking. 


Thanks, 
Tim


If this response is more than 1 year old, it may no longer be accurate. Please consult official Aruba documentation, TAC or your Aruba SE.

| Aruba Alumni | @timcappalli | timcappalli.me |

Highlighted
Occasional Contributor II

Re: Active Directory Authentication for wireless users

If a PC is not joined in a domain but has the credentials stored on the active directory, and another PC is joined the domain,

what is the difference in authenticating both, what changes in configuration will i have to do?

Highlighted
Moderator

Re: Active Directory Authentication for wireless users

For user authentication, nothing is different. Machine authentication requires client side configuration via group policy. Are you working with an Aruba partner? 


Thanks, 
Tim


If this response is more than 1 year old, it may no longer be accurate. Please consult official Aruba documentation, TAC or your Aruba SE.

| Aruba Alumni | @timcappalli | timcappalli.me |

Highlighted
Occasional Contributor II

Re: Active Directory Authentication for wireless users

You mean just to enable the wired autoconfig service and enable dot1x authentication on the network connection, right?

Highlighted
Moderator

Re: Active Directory Authentication for wireless users

No you don't need to enable anything. The wireless supplicant is enabled by default. If you are trying to do machine authentication, you should push down a group policy with the supplicant configuration. 


Thanks, 
Tim


If this response is more than 1 year old, it may no longer be accurate. Please consult official Aruba documentation, TAC or your Aruba SE.

| Aruba Alumni | @timcappalli | timcappalli.me |

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: