Wireless Access

last person joined: yesterday 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

LDAP Authentication Problem

This thread has been viewed 4 times

  • 1.  LDAP Authentication Problem

    Posted Jul 03, 2013 10:15 AM

    I am trying to setup LDAP with Airwave 7.5 to allow users to login and be given a role based on a group membership.

     

    In Active Directory I have set up 2 security groups one called AMP-Admin and AMP-User, then when the users logs in they will be given the relevant rights based on the group they belong to. The trouble I am having is forming the correct setup for the LDAP to look at the groups a user is a member of and then if they belong to either group they can log in and be give the correct role.

     

    Airwave is something new to me but I managed to get a simple test to work using the Description field in the user account.



  • 2.  RE: LDAP Authentication Problem

    EMPLOYEE


  • 3.  RE: LDAP Authentication Problem

    Posted Jul 03, 2013 11:31 AM

    I have already gone through that thread but it doesn't help. All i am trying to do is look to see if there user trying to login is a member of one of two groups. If they belong to the Admin group then they login with an Admin Role, if they belong to a user group they login with a user role and if they do not belong to either group they cannot log on.

     

    My LDAP connection works fine with a very simple setup but after that it fails every time with the error log telling me too many results were returned. I want to to say the Role Attribute is AMP-Admin or AMP-User but the information I can find in the user manual is limited and doesn't help.



  • 4.  RE: LDAP Authentication Problem

    EMPLOYEE
    Posted Jul 03, 2013 05:06 PM

    Let me look into this further.  I will update when I have more info.



  • 5.  RE: LDAP Authentication Problem

    Posted Jul 04, 2013 07:33 AM

    When you setup your user on the AD, under properties, the name you provide for the Department under the Organization tab needs to match the role you provide an AirWave. Then the role matching will happen correctly and the the user that logs in to AirWave will get that role you configured on on AMP Setup > Roles. Let us know if you still have issues authenticating. 



  • 6.  RE: LDAP Authentication Problem

    Posted Jul 04, 2013 08:16 AM

    I can authenticate a user using the Description field with the account in AD, but this is not a useful solution. I want to authenticate the user based on a Security group membership. Rather than have to modify user account description fields I want to make them members of a secuirty group and authenticate against membership of that group.



  • 7.  RE: LDAP Authentication Problem

    Posted Jul 05, 2013 07:27 AM

    Shayne, I got it. Unfortunately this is not supported in AirWave as of now, but we have plans to implement this in a future AirWave release. 



  • 8.  RE: LDAP Authentication Problem

    EMPLOYEE
    Posted Jul 08, 2013 12:05 PM

    Good find Sameer.

     

    Shayne,

    The current limitation is that AirWave does not consume group membership from LDAP, only the Description field is gathered.  The feature to process group membership is currently in the future release bucket.  To increase the chance of the feature getting implemented sooner than later, upvote the feature in the ideas portal on the support site, or file a new feature request in the ideas portal (if the existing one is hard to find).



  • 9.  RE: LDAP Authentication Problem

    Posted Nov 19, 2013 09:03 AM

    Has LDAP authentication been resolved in the lastest version of AirWave?