Skip to main content

Wed, Jul 1, 2015 2:43 AM

Answered

AD USER CAN AUTHENTICATE IN RESTRICTED WLAN

The setup is we have 2 WLAN (Student & Employee), the user used web authentication via AD. We create 2 groups in our AD (Student and Employee). Our problem is the student can connect to the Employee WLAN and employee can connect to the Student WLAN. We check the user credential in the ZD and it only belongs to one AD group. What would be the next step to be check in order to fix this issue. thanks!!

Responses

Brand User

Former Employee

 • 

2.6K Messages

 • 

44.8K Points

6 years ago

A common approach is to use different VLANs for Student/Employees, and you can use Roles that only permit their specific WLAN access, which can be sent back as a VSA from AD/802.1x.

KBA-2109, NPS Radius with AD: 

https://support.ruckuswireless.com/answers/000002109 

KBA-2946, User Roles on ZoneDirector:

https://support.ruckuswireless.com/answers/000002946

2 Messages

 • 

82 Points

6 years ago

thanks michael!! student and employee are already in separate vlan. i'll check again the Roles.