How do I search through the active directory forest for radius authentication - I need the users to be able to logon without specifying thier domain

I have been given the task of making our vpn user id's and passwords the same as our Active directory.

Our AD environment consists of one forest and 5 different domains

the user needs to be able to vpn in with  firstname lastname

I thought we could point our vpn device to windows/IAS radius and this would be possible - it is possible, but the user has to specify thier domain name when they log in....

Specifying the domain name is not an option for me - I can only use firstname lastname - I need something that will make radius search through our entire ad structure to find the user name (all our user names are unique)

Who is Participating?
CLozConnect With a Mentor Commented:
If you are using the F5 Firepass you should be able to create a Master Group that authenticates directly with your AD server.  As long as you don't have users with matching ID's across the 5 domains you will not need to supply the domain name during authentication.  

Let me know if you need help creating the Master Group.

Try and use Cisco VPN concnetrator, it has LDAP and you do not specify a domain only user and password.

scarmAuthor Commented:
do you have to use distinguished or fully qualified names?

Also, our vpn is not cisco - it's F5 network's uroam product

- multiple domains - users need to login without specifying domain name
scarmAuthor Commented:
Nobody has any radius / active directory experience out there??
split points
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.