Contributor II

Using 2008 server with RADIUS to determine access based on OU

Hello. I have a need to create a RADIUS policy where the server will check if the user is allowed to connect to a specific WLAN based on their OU assignment in AD. Specifically, we need to restrict students and non-technical staff from being able to authenticate to the administrative WLAN. I was wondering if there is a whitepaper that is available.

Guru Elite

Re: Using 2008 server with RADIUS to determine access based on OU

This involves two things: (one mandatory and one optional)




1  A Radius Server Side rule to check things like SSID, AD Group, EAP Type and to return authentication status of "passed" to the Aruba controller.  It can also send an attribute along with that positive authentication back to the Aruba controller



2  A server derivation rule in the Aruba controller to process to attribute to put a user in a role.



How you write#1 depends 100% on your radius server.


Please see this article for how to do it on a Microsoft Radius Server:


Here is an article to see what radius attributes are send to your Aruba Controller from your radius server:


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.3 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Search Airheads
Showing results for 
Search instead for 
Did you mean: