Authenticate against AD once

  • 1
  • Question
  • Updated 3 years ago
Hi,

We would like to configure Ruckus (Zonedirector 1100) in such a way that users only need to input their AD details once or even better none at all if they are somehow passed through.

Ideally the Director would check user credentials against AD every time they connect to the wireless so if a users access has been removed they cannot access anything even though they may have the passphrase for the WLAN.

We would like to be able to have the SSID and Passphrase as public knowledge but access essentially controlled via Active Directory.

Any thoughts would be appreciated.

Thanks,
Julius
Photo of Julius Kisielius

Julius Kisielius

  • 30 Posts
  • 1 Reply Like

Posted 3 years ago

  • 1
Photo of Michael Brado

Michael Brado, Official Rep

  • 1982 Posts
  • 276 Reply Likes
Hello Julius,

You can define a WLAN with a WPA2-PSK that is shared, with additional Web
Authentication thru an AD authentication server. Define the AD server first, under
Configure AAA Servers. Then from Configure WLANs, create new, with Standard
type, WPA2/AES encryption/algorithm options, check the box for Web Authentication
and choose your AD server from the drop-down list. I hope this is helpful.
Photo of Julius Kisielius

Julius Kisielius

  • 30 Posts
  • 1 Reply Like
Hi Michael,

Thanks for the quick response.

We have tried this approach before with a web portal but users need to re-authenticate everytime they close their web browser, is there a way to pass through the windows sessions credentials? Or store a cookie of some sort?

Regards,
Julius