AP authentication with Active Directory

Hi Guys,

I want to deploy WIFI in my office but same should authenticate with AD and SSO, Please suggest which feature should have in my AP to authenticate with the AD server.

Also want to know, if radius server can be used for AD authentication.

Waiting for the good answer.
Gaurav PandeyAsked:
Who is Participating?
jamil MohammadCommented:
look at CISCO Meraki MR42, one of the best APs that i used. you can authenticate with Active Directory. + it give a lot of information about the end user device (laptop, Smart phone, Tablets,,,, etc) it give you the below:
- how many db from the access point
- mobile name, battery status and battery percentage
- what application are used, such as Facebook, whats-app, linked in, torrents, google map, YouTube, ,,,,, etc
- it has a very friendly and useful statistics for data usage, download and upload rates, traffic,,,,, etc
- you can block specific device in specific access points.
and more of very attractive options that any IT Engineer or administrator would like to have.

have a look into the blow link

good Luck
Mal OsborneAlpha GeekCommented:
Radius is definitely the way top go here, have set this up on several sites myself. Not all low end "home" WAPs will work; you need to select ones that support WPA2 enterprise, rather than just WPA PSK.
Gaurav PandeyAuthor Commented:
SO what should i do over AD server to fulfill this requirement?
Cliff GaliherCommented:
RADIUS is the industry standard in these scenarios. The WAP would authenticate against a RADIUS server, and the RADIUS server would, in turn, talk to one of your domain controllers to authenticate against AD.  So the RADIUS server is, in effect, acting as a bridge, translating between two protocols.

Windows has a RADIUS server in the NPS role.

You can add the NPS role to a member server with extra headroom and that it won't introduce conflicts, or spin up a virtual server for the task to avoid any potential conflicts as well.

You do not need to make any changes to any of your domain controllers.  The NPS/RADIUS server will be the bridge.

I do *NOT* recommend installing NPS *on* any Domain Controllers.  DC's should be kept minimalist whenever possible.  They are highly sensitive machines and should be treated as such.  That's a standard security practice.
PberSolutions ArchitectCommented:
No comment has been added to this question in more than 21 days, so it is now classified as abandoned.

I have recommended this question be closed as follows:

-- jamil Mohammad (https:#a42427033)
-- Cliff Galiher (https:#a42427300)
-- Mal Osborne (https:#a42426815)

If you feel this question should be closed differently, post an objection and the moderators will review all objections and close it as they feel fit. If no one objects, this question will be closed automatically the way described above.

Experts-Exchange Cleanup Volunteer
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.