• September 24, 2020, 07:29:01 AM
Welcome, Guest. Please login or register. Registration is free.
Did you miss your activation email?

Author Topic: Help configuring AD authentication following retirement of CA server  (Read 1826 times)

0 Members and 1 Guest are viewing this topic.

Offline mjgreen81

  • Rookie
  • **
  • Posts: 4
Hi all,

We are running WiNG v5.7.  When our system was first installed, a 3rd party engineer helped us to configure one of our SSiD's as a "Corporate Network" which users could connect/authenticate to using thier AD credentials (as long as they were part of a specific OU.

Although we never fully rolled out this corporate network for users, testing went well and we had everything working nicely.

A few months ago we retired the 2008R2 Domain controller which would have been the one which we referenced in WiNG for anything AD/LDAP related.  This DC was also our one and only CA server.  The server was replaced with a 2012r2 server DC which has the same IP address as the old server, but a different name.

This new DC has been online for several months, but I only installed the CA role last week in order to try and get this working again.

I have been reading though a few different guides and I cannot seem to get everything working again.  In particular, I am struggling with understanding exactly what needs to be done in order to generate the certificate request, sign and import the certificate and assign/configure the trustpoint.

Would someone be able to help me out by perhaps listing the step by step stages to configure this bit?  Obviously I just need it very high-level as I can use the guides for the details, but this would really help me out so that I can ensure that I am not missing a step and also be more precise about where I am going wrong.


Offline jcoehoorn

  • Jr. Member
  • **
  • Posts: 41
Re: Help configuring AD authentication following retirement of CA server
« Reply #1 on: March 06, 2017, 10:02:58 AM »
Hey, thanks for the post!

We'd love to help you, and you may get some other good responses in this thread. But I think your best chance to get a good response is to re-post the first part of this question (and only the first part) to a Windows Server -specific forum. Limit the scope there to just getting your CA working. Once you have the CA working, please come back here and someone should be able to help you with the configuration getting your WiNG controller connected to that CA/AD server for wireless authentication.
« Last Edit: March 06, 2017, 10:04:53 AM by jcoehoorn »

Offline mjgreen81

  • Rookie
  • **
  • Posts: 4
Re: Help configuring AD authentication following retirement of CA server
« Reply #2 on: March 06, 2017, 10:26:39 AM »

thanks for the reply.

I think I have the CA server working fine though.  I have just run through the process from the beginning again and I get the error when attempting to import the signed certificate.

"Cannot read: Cert Manager import signed cert error"

I just examined the details and noticed the error "RSA key for the certificate not found in database"

Have I missed a step?  What do I need to do to get fix this error?