Configuring active directory authentication zonedirector 1200

  • 1
  • Question
  • Updated 4 months ago
  • Answered
Hi all, I am configuring a zonedirector 1200 controller to authenticate users thru active directory, when i log in it says authenticated and loops (goes) back to the login page? any solutions to this
Photo of Mandla Ndlovu

Mandla Ndlovu

  • 5 Posts
  • 0 Reply Likes

Posted 6 months ago

  • 1
Photo of Shaun Van Tonder

Shaun Van Tonder

  • 24 Posts
  • 1 Reply Like

Morning Mandla.


I have this exact scenario and works fine.


What does your AAA settings look like ?


Correct IP of domain controller ?



Photo of Mandla Ndlovu

Mandla Ndlovu

  • 5 Posts
  • 0 Reply Likes
@Shaun, Hi...My settings look similar to yours, and I can even successfully test the settings which confirms that the controller can connect to the AD, problems comes after I authenticate, it will say authenticated and then it goes to the same page for login (i.e. asks for the user name and password). But if I put the wrong credentials it will throws an error to say that the username or password is incorrect.

Photo of Shaun Van Tonder

Shaun Van Tonder

  • 24 Posts
  • 1 Reply Like
Is there perhaps a firewall in between the zone director and the DC ?? Seems like the authentication maybe being blocked somehow.
(Edited)
Photo of Mandla Ndlovu

Mandla Ndlovu

  • 5 Posts
  • 0 Reply Likes
Nope, no firewall. Managed to get it to work, had to create Roles for the users and assign them using groups that the user belongs to in AD. Also had to specify the SSID that the user can access after authentication.
Photo of Shaun Van Tonder

Shaun Van Tonder

  • 24 Posts
  • 1 Reply Like

Wow that's crazy, I didn't have to do any of that.


Glad its working


Cheers

Photo of Ronald Bhen Madolin

Ronald Bhen Madolin

  • 1 Post
  • 0 Reply Likes
Hello Shaun,

I already set AAA Settings same as your settings above but how do you setup on Configure>WLAN 

Is this correct configuration?



Looking forward to your response.

Thank you.

Best regards,
Ronald
Photo of Mandla Ndlovu

Mandla Ndlovu

  • 5 Posts
  • 0 Reply Likes
Is there anywhere were I have to put the redirect url?
Photo of Shaun Van Tonder

Shaun Van Tonder

  • 24 Posts
  • 1 Reply Like
And no you can only specify a redirect URL on the Guest Service or Hostpot service from what I can see.. The hotspot service doesn't divert clients in my testing. I have a ticket open with Ruckus support regarding this. The guest one works for URL redirection but that does not help me as I want AD authentication for our students.
(Edited)
Photo of Shaun Van Tonder

Shaun Van Tonder

  • 24 Posts
  • 1 Reply Like

Ok that looks correct. It should basically work tho. Are you using captive portal for AD Authentication.

Have you imported an SSL certificate which you purchased on the Zone Director as well as the intermediate certificate. I had to create a DNS A record on my Windows Server DNS server. So gave it a name zonedirector.domainname.com  then I requested a certificate for this hostname. Captive Portal normally diverts users to the IP Address of the Zone Director but once the certificate is imported it will divert them to the hostname specified in the certificate. We have the captive portal on a guest Vlan so the internal DNS server cannot be contacted so I had to create the Host A record on our Public DNS hosting service.


Regards,

Photo of Shaun Van Tonder

Shaun Van Tonder

  • 24 Posts
  • 1 Reply Like
Also maybe update the firmware on the ZD controller.. I heard from the Ruckus tech that later versions solved issues like yours. Worth a Try....  This is the one I am running on...

https://support.ruckuswireless.com/software/1183-zd1200-9-12-3-0-61-mr3-refresh3-software-release

Photo of Mandla Ndlovu

Mandla Ndlovu

  • 5 Posts
  • 0 Reply Likes
Alright will keep this in mind. Thanks mate