Controllerless Networks


Instant Mode - the controllerless Wi-Fi solution that's easy to set up, is loaded with security and smarts, and won't break your budget

IAP 515 WLAN LDAP authentication

  • 1.  IAP 515 WLAN LDAP authentication

    MVP
    Posted Dec 16, 2022 01:24 AM
    Hello,

    I am trying to set up LDAP authentication (NO RADIUS) for WLAN security using AD username and password. The user should be able to connect any devices (personal and work). After setting this up, I am able to sign in using an Android phone (used the Don't validate CA option). But I am not able to sign in on Windows machines. Please see attached. The IAP is managed by Aruba Central. Please help me in setting this up. The requirement is to have the user connect any of his gadgets (Android, iPhone, laptops etc.) using just his AD username and password.

    Thank you,


  • 2.  RE: IAP 515 WLAN LDAP authentication

    MVP GURU
    Posted Dec 16, 2022 01:10 PM
    Can you share the details of the WLAN setup (each section if possible)? Also a screenshot of your LDAP server settings (omit what you do not want to share).

    ------------------------------
    Dustin Burns

    Lead Mobility Engineer @Worldcom Exchange, Inc.

    ACCX 1271| ACMX 509| ACSP | ACDA | MVP Guru 2022
    If my post was useful accept solution and/or give kudos
    ------------------------------



  • 3.  RE: IAP 515 WLAN LDAP authentication

    MVP
    Posted Dec 17, 2022 04:05 AM
    Hello Dustin,

    Please see WLAN settings below.

    LDAP settings.

    As I said, the Android phone is working. But the Windows client gives the error "Can't connect to this network". And there is no RADIUS server.

    Thanks,


  • 4.  RE: IAP 515 WLAN LDAP authentication

    EMPLOYEE
    Posted Dec 16, 2022 01:35 PM
    If you are using 802.1X with LDAP (with EAP termination), the only EAP type you can use is EAP-GTC, which is not available for Windows outside of installing a supplicant on all of those machines.  It is advised to use RADIUS for all 802.1X authentication.

    ------------------------------
    Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    HPE Design and Deploy Guides: https://community.arubanetworks.com/support/migrated-knowledge-base?attachments=&communitykey=dcc83c62-1a3a-4dd8-94dc-92968ea6fff1&pageindex=0&pagesize=12&search=&sort=most_recent&viewtype=card
    ------------------------------



  • 5.  RE: IAP 515 WLAN LDAP authentication

    MVP
    Posted Dec 17, 2022 04:08 AM
    Hi cjoseph,

    The customer doesn't have a RADIUS server and they want to authenticate wireless clients using LDAP. It's working for Android phones but Windows clients are giving the error "Can't connect to this network". Is there any way we can use LDAP for wireless authentication using username and password?

    Thanks,


  • 6.  RE: IAP 515 WLAN LDAP authentication

    EMPLOYEE
    Posted Dec 17, 2022 04:11 AM
    Is the customer using Active Directory?




  • 7.  RE: IAP 515 WLAN LDAP authentication

    MVP
    Posted Dec 18, 2022 05:24 AM
    Yes.


  • 8.  RE: IAP 515 WLAN LDAP authentication
    Best Answer

    EMPLOYEE
    Posted Dec 18, 2022 05:30 AM
    If the answer is yes, Windows Server comes with a free RADIUS server that can be installed by adding the Windows Component NPS. They can use that for RADIUS authentication and it will support all clients.  Do a search for Windows NPS on here for instructions.




  • 9.  RE: IAP 515 WLAN LDAP authentication

    MVP
    Posted Dec 18, 2022 06:06 AM
    So Windows NPS will support authentication for all devices (including personal gadgets and work computers) with just username and password, right?


  • 10.  RE: IAP 515 WLAN LDAP authentication

    EMPLOYEE
    Posted Dec 18, 2022 06:11 AM
    Correct.  You will have to configure those devices correctly, however.




  • 11.  RE: IAP 515 WLAN LDAP authentication

    EMPLOYEE
    Posted Dec 17, 2022 04:12 AM
    Android has a built-in supplicant that is capable of EAP-GTC.  Windows does not.  It is worth looking at the Android settings to see how it is configured for clients that connect successfully to confirm.




  • 12.  RE: IAP 515 WLAN LDAP authentication

    EMPLOYEE
    Posted Dec 20, 2022 03:58 AM
    Please be informed that with the 'Don't validate certificate' option, your clients will happily post your credentials to any network that 'spoofs' the same SSID.

    It's not possible to create a secure authentication with username-password unless you have full control (management) over the client.
    Use EAP-TLS with client certificates as the only solution to deploy secure authentication.

    LDAP (to Active Directory) will not expose the user's password, which is required to do PEAP-MSCHAPv2 authentication, so in practice LDAP authentication is not even possible for wireless clients (as mentioned by others).

    Please consult your Aruba partner or Aruba SE to make sure that you deploy according to appropriate security standards.

    ------------------------------
    Herman Robers
    ------------------------
    If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
    ------------------------------
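A client-side check for the two risks raised in this thread (no server certificate validation, and EAP-GTC carrying the password itself), as an added example that is not part of any post. It assumes client profiles are available in `wpa_supplicant.conf` syntax; the SSIDs, CA path and server name in the sample are constructed.

```python
import re

# Constructed sample (not from the thread): two 802.1X client profiles.
SAMPLE_CONF = '''
network={
    ssid="Corp-WLAN"
    key_mgmt=WPA-EAP
    eap=PEAP
    phase2="auth=GTC"
}
network={
    ssid="Corp-WLAN-Secure"
    key_mgmt=WPA-EAP
    eap=PEAP
    phase2="auth=MSCHAPV2"
    ca_cert="/etc/ssl/certs/corp-root.pem"
    domain_suffix_match="radius.corp.example"
}
'''
NAME_PINS = ("domain_suffix_match", "domain_match", "altsubject_match")
CLEARTEXT_INNER = ("GTC", "PAP")  # inner methods that carry the password itself

def parse_networks(text):
    # One {key: value} dict per network={...} block; comments are skipped.
    nets = []
    for body in re.findall(r"network\s*=\s*\{(.*?)\}", text, re.S):
        pairs = (l.strip().split("=", 1) for l in body.splitlines()
                 if "=" in l and not l.strip().startswith("#"))
        nets.append({k.strip(): v.strip().strip('"') for k, v in pairs})
    return nets

def audit(text):
    # Map SSID -> list of findings for every 802.1X (WPA-EAP) profile.
    report = {}
    for net in parse_networks(text):
        if "WPA-EAP" not in net.get("key_mgmt", ""):
            continue
        findings = []
        has_ca = "ca_cert" in net or "ca_path" in net
        pinned = any(k in net for k in NAME_PINS)
        if not has_ca:
            findings.append("no CA configured: server certificate is not validated")
        elif not pinned:
            findings.append("CA set but server name not pinned")
        inner = net.get("phase2", "").upper()
        if not (has_ca and pinned) and any(m in inner for m in CLEARTEXT_INNER):
            findings.append("cleartext inner method without full server validation")
        report[net.get("ssid", "<unnamed>")] = findings
    return report
```

A profile with an empty findings list has both a trusted CA and a pinned server name; anything else should be corrected before the device is allowed to use domain credentials on the WLAN.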



  • 13.  RE: IAP 515 WLAN LDAP authentication

    MVP
    Posted Dec 20, 2022 04:35 AM
    Hi Herman,

    Noted. As Joseph here suggested, I will try to set up Windows NPS as a RADIUS server for wireless client authentication. In this case it is possible to authenticate the user with username/password alone, right? Also the customer wants to use the AD credentials for all the devices the user has (including personal devices).

    Thanks,