• September 22, 2018, 03:41:39 PM
Welcome, Guest. Please login or register. Registration is free.
Did you miss your activation email?

Author Topic: Authentication with AD by using LDAP agent ( Wing 5.8 )  (Read 1465 times)

0 Members and 1 Guest are viewing this topic.

Offline bonnhh

  • Rookie
  • **
  • Posts: 3
Authentication with AD by using LDAP agent ( Wing 5.8 )
« on: March 02, 2017, 11:46:21 PM »
Hi,

Recently i am setting my Zebra AP to do authentication through window AD and i have successful to join the AP to the server domain as when i show ldap-agent joint status it show joined and at AD it show the AP name in the computer folder but when I connect to broadcast SSID and key in the username and password it show failure. I have review back the event viewer at AD server  it shown " the sessions setup from the computer AP-Name failed to authenticate the following error occur access denied Event ID 5805 and 5723"..I have try to add in the DNS into the ap and rejoint the domain..but still not working. Any ideal how to solve this?
« Last Edit: March 03, 2017, 03:47:12 AM by bonnhh »


Offline jcoehoorn

  • Jr. Member
  • **
  • Posts: 40
Re: Authentication with AD by using LDAP agent ( Wing 5.8 )
« Reply #1 on: March 03, 2017, 01:07:29 PM »
I've been trying to get this working, too.

I can make it work if the LDAP settings use port 389 (not encrypted) and I put the password in an unused AD attribute. I cannot make it work using the real AD password, even with reversible encryption turned on for the account (and following a password change), and I cannot get the encrypted link to AD working.

I'm looking at standing up a free-radius server as an alternative, which is very disappointing :(

Offline McNulty

  • Sr. Member
  • ****
  • Posts: 216
Re: Authentication with AD by using LDAP agent ( Wing 5.8 )
« Reply #2 on: March 11, 2017, 07:04:21 PM »
Do you get the same issue with all client types? When I set this up in a Windows 7 environment it was required to install a 3rd party supplicant on the Windows machines as the built-in supplicant couldn't do the correct type of Auth for LDAP.
Android and Apple device worked natively, IIRC.

I believe that Windows 10 has got a better supplicant now.

Offline jcoehoorn

  • Jr. Member
  • **
  • Posts: 40
Re: Authentication with AD by using LDAP agent ( Wing 5.8 )
« Reply #3 on: March 13, 2017, 12:54:44 PM »
In my case, I haven't even tried for wifi yet.

Before I do the wifi deployment, I was trying to get it working with the VPN service on our gateway security appliance. Currently, I have VPN set up using local accounts on the security appliance to provision VPN access. I'd much rather have my users put their AD credentials here, and I was hoping to allow this via the radius server in the RFS 4000. And again, this *does* work, but only if I tell the RFS to look for the password in some weird AD attribute field. I can pick any field I want for this (I'm using "division" right now), but UserPassword does not work for pulling the user's actual password.

Get the VPN stuff working, and then an 802.1x SSID is the next thing on my list.