Authenticate against AD once

Hi,

We would like to configure Ruckus (Zonedirector 1100) in such a way that users only need to input their AD details once or even better none at all if they are somehow passed through.

Ideally the Director would check user credentials against AD every time they connect to the wireless so if a users access has been removed they cannot access anything even though they may have the passphrase for the WLAN.

We would like to be able to have the SSID and Passphrase as public knowledge but access essentially controlled via Active Directory.

Any thoughts would be appreciated.

Thanks,
Julius

Responses

michael_brado

Former Employee

•

2.6K Messages

•

44.8K Points

6 years ago

Hello Julius,

You can define a WLAN with a WPA2-PSK that is shared, with additional Web
Authentication thru an AD authentication server. Define the AD server first, under
Configure AAA Servers. Then from Configure WLANs, create new, with Standard
type, WPA2/AES encryption/algorithm options, check the box for Web Authentication
and choose your AD server from the drop-down list. I hope this is helpful.

julius_kisielius

30 Messages

•

402 Points

6 years ago

Hi Michael,

Thanks for the quick response.

We have tried this approach before with a web portal but users need to re-authenticate everytime they close their web browser, is there a way to pass through the windows sessions credentials? Or store a cookie of some sort?

Regards,
Julius

mike_martin_a4sgljhk2wn2l

1 Message

•

60 Points

I am interested in the pass-through for windows session, did this get resolved?

2 years ago

julius_kisielius

Authenticate against AD once

Responses

michael_brado

julius_kisielius

mike_martin_a4sgljhk2wn2l

Was this helpful?