WLC 5508 LDAP Windows 2008 Server - auth based on AD groups
hi NG,
i'm trying to web-authenticate my Wifi user of an WLC 5508 against LDAP.
Thereby i'm trying to autenticate all users within a GROUP, not an OU within the MS Active Directory based upon an Windows 2008 Server.
I can authenticate against a user, witch is beeing put into an OU, according to examples based here: https://www.cisco.com/en/US/products/ps6366/prod_configuration_examples_list.html
Checking based upon Users within OUs works fine.
But i have not got all of those users wihin one single OU!
Need help for following: LDAP-Auth based on AD Groups:
Using:
MS-Domain: MY-DOMAIN.CH
AD-GROUP: VPN-USERS
AD-Structure:
MY-DOMAIN.CH
|
GROUPS
|
Administrative Groups
|
VPN-USERS
(-> Member of this Groups (Wireless1, Wirless2, ...)
Server Adress: IP.IP.IP.IP
Port: 389
Enable Server Stats YES
Simple Bind Authenticated
Bind Username LDAP-USER
Bind Password supersecret
Bind Passw. confirm supersecret
User Base DN: ?-1-?
User Attribute: ?-2-?
User Object Type: Person
Server Timeout 2
What happens for instance, if i put a GROUP within a GROUP regarding the LDAP Authentication.
I guess i have to authenticate against the "upper" GROUP, or do i have to create an entry on the WLC for every GROUP i'm questoning?
Could some one provide my with an example, since i have not found documentation regarding this topic.
Thank you.
Hi,
User Base DN : this is in case you want to restrict the search area. If you put "dc=mydomain,dc=CH", you will search your whole AD. Depending on the size, it can be slow ...
Remember that the User Base DN is also used for the admin user.
In conclusion, User Base DN should be the most restrictive path that leads to both the admins and the users you want to authenticate.
Example :
OU=Employees,OU=Humans,DC=Mydomain,DC=CH
This would prevent to search in machines or any assets. This implies that the admin you bind with is an employee and you are only authenticating employees. You can have any number of OUs under employees, it doesn't matter
Attribute : This is the object attribute that the WLC uses to compare with the user name. In general, you would go with sAMAccountName in AD. CN would be another common example for LDAP databases.
If what you are looking for is to restrict access and only authenticate people who belong to a certain group. Then you need a radius server like ACS.
That server will be able to make selections and check the "memberOf" attribute to make sure it is in a certain group.
Nicolas
===
Don't forget to rate answers that you find useful
Similar Messages
-
WLC integrating with Windows 2008 AD
Hi,
I want to integrate WLC with windows 2008 server. If anybody done this integration i would like to know what are the step i need to do in the Microsoft Side, If you have any document related to MS 2008 integration pls share the information with me.
Thanks in adavence.
Regards,
SunishCan you provide more detail around what you mean by integrate? I don't think a WLC can talk directly to AD (Kerberos, LDAP, or otherwise).
If what you mean by "integrate" is to be able to authenticate wireless users against AD, then you will need something to proxy that authentication. That is usually a RADIUS server. Cisco ACS and Microsoft IAS and two common RADIUS servers, both of which can talk to AD. Check out the Cisco ACS 4.2 configuration guide for a good example. Here's a link to an older Microsoft article, but it still applies to 2008 (Microsoft IAS is still included with Windows Server).
http://www.microsoft.com/downloads/details.aspx?familyid=0f7fa9a2-e113-415b-b2a9-b6a3d64c48f5&displaylang=en -
Windows 2008 Server on Sunfire V20z Server
I am looking to install Windows 2008 Server (Standard Edition) on a retired Sunfire V20z server. The box is totally raw - i.e. new drives with no OS. The problem is that the Win2008 install disc is a DVD and the V20z only has a CD-ROM drive. I purchased an external DVD USB drive, but the BIOS does not support booting from the USB. I'm thinking updating the BIOS to version 1.35.3.2, but I can't find any documentation that it even supports USB booting.
Anyone have any ideas on how I can install Win2008 server on this raw box?Depending on what other resources you have to hand I'd use one of the following approaches. Note: I don't have a V20z but the following approach has worked on other machines which had no DVD drive.
Open the box and temporarily connect a slimline IDE DVD-ROM in lieu of the built in CDROM. I've found that while there is often a proprietary interface on the M/B the connection at the drive end can normally be dismantled and connected to another drive. I use one salvaged from an IBM P3 based Netvista.
or
Download the Microsoft WAIK and generate a Windows PE CDROM. Insert that into the CD drive and place the Windows 2008 DVD in the USB DVD drive. Boot the machine from the CD and then launch the Windows setup program from the USB DVD. The process for creating the Windows PE CDROM is straightforward and is covered in the Windows PE User's Guide as provided in the WAIK but here are the steps.
Launch the Deployment Tools Command Prompt and run the following commands ( for amd64 )
copype amd64 C:\winpe_amd64
copy c:\winpe_amd64\winpe.wim c:\winpe_amd64\ISO\sources\boot.wim
oscdimg -n -bC:\winpe_amd64\etfsboot.com C:\winpe_amd64\ISO C:\winpe_amd64\winpe_amd64.iso
Burn the resulting ISO to a CD. -
Windows 2008 Server License Key not working on VirtualBox
I have a validated licensed copy of Windows 2008 Server and I need to load it on a Virtual machine (I am running Oracle VirtualBox). When I had the server running on a hardware based server it worked fine. The license key activated and it worked. Now when
I load it onto the VirtualBox solution it fails. It will take it when I run the manual command but will not show my server as activated. This is for my private use only (internal home LAN) but I would prefer to have the activation be correct since I use this
setup to help keep fresh on Windows 2008 servers while being on a Linux OS with a VM software loaded. What can I do to have this server activate correctly under the VirtualBox?
Thanks,
TomHi Tom,
Base on my experience, after we convert a physical computer system to virtualize environment we need to reactive it, with MAK active method we need keep this vm to connect to
internet and with KMS method please confirm this vm can communicate with your KMS server.
The related KB:
Understanding MAK Activation
https://technet.microsoft.com/en-us/library/ff793435.aspx
Volume Activation in Disconnected Environments
https://technet.microsoft.com/en-us/library/dd981010.aspx
I’m glad to be of help to you!
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected] -
We have plan to windows 2008 server ECC5(is reatil) oracle 10G.
Dear all
Presently we are using winwos 2003 server enter prize edition ,ECC5(is
retails), oracle 9.2.0.7.
we have plan to windows 2008 server ECC5(is reatil) oracle 10G.
Is windows 2008 suported to the ECC5 (is-Reatail) and oracle 10G .
if supported please advise windows 2003 server is better or windos 2008 server better .
Thanks
Edited by: Venkat Ramesh on Aug 18, 2008 9:47 AMECC 5 is based on kernel 6.40 which is not (yet) released for Windows 2008.
See also note 1054740 - SAP System Installation on Windows Server 2008
I would recommend installing on Windows 2003 and later upgrade your system to Windows 2008 when kernel 6.40 is available.
Markus -
Why no 64 bit editions - or no Windows 7 / Windows 2008 server support yet
Hi all
I'm still having to run trials etc on a Windows 2003 Server virtual machine
Can we get at least SUPPORT so we can run the trial versions on Windows 7 / Windows 2008 server 64 bit versions.
Most computers are coming with Windows 7 pre installed now so having to keep running on XP type systems is a bit OLD now - especially with SAP enbracing new web based technology.
Hi Mods
perhaps you can delete this as I've just seen the other Windows 7 support thread.
Cheers
jimboYou posted your inquiry to a hardware forum.
Which blade server do you own?
Do you have a question on any specific hardware component in that system?
Perhaps we could point you to that system's documentation
http://www.oracle.com/technetwork/indexes/documentation/index.html
if you told us which hardware you own.
Frankly, you need to go find a Microsoft-centric forum and ask your question over there. -
Radeon Drivers problems with BootCamp Windows 2008 Server R2
Hello !! I have some troubles with BootCamp and Windows 2008 Server R2... I can't find any graphic drivers for my AMD Radeon HD 6490 !! Heeeelp please
(I Have a Macbook Pro i7)Shoooryuken, did you ever get this problem resolved? I have thhe same issue...
I have the 2011 MacBook Pro 15" 2.0ghz Quad Core i7 with integrated Intel HD Graphics 3000 and AMD Radeon 6490M.
I just installed Windows Server 2008 R2 (Which is based on Windows 7) using Boot Camp. After I installed it, the I only have 3 resolution options, all of which are stretched. I checked the device manager and found that the Apple Instal DVD did not work and only a "Standard VGA Graphics Adapter" was installed. It also reports a whopping 16MB of graphics memory
I downloaded the "detect and install" driver utility from AMD (http://support.amd.com/us/gpudownload/Pages/index.aspx) and it detected my correct OS and downloaded something (driver maybe?). When I clicked install, I recieved this message: "AMD Catalyst Mobility cannot be downloaded due to incompatible hardware/software on your computer. Your computer does not contain a proper graphics adapter."
I don't really know why Windows does not detect the graphics card. Right now I am trying to install the Intel graphics drivers for the Intel HD 3000 integrated graphics... I will report back if I get the integrated graphics running... -
How to install a plugin on 64 bits windows 2008 server?
From the developer forum, I found a description which told me how to install a plugin on windows series system, but I only succeded intalling the plugin on 32 bits windows xp, couldn't install the plugin on 64 bits windows 2008 server. Any ideas or advices, men of genius? Thanks :-)
Please check if all your plugins are up-to-date. To do this, go to the [http://mozilla.com/plugincheck Mozilla Plugin Check site].
Once you're there, the site will check if all your plugins have the latest versions.
If you see plugins in the list that have a yellow ''Update'' button or a red ''Update now'' button, please update these immediately.
To do so, please click each red or yellow button. Then you should see a site that allows you to download the latest version. Double-click the downloaded file to start the installation and follow the steps mentioned in the installation procedure. -
How to install Cisco Work 3.2 on Windows 2008 Server Standard R2
Hi Everyone,
I have got Cisco Works LAN Management 3.2. But the problem is that i have a Windows 2008 Server Standard R2 and when i try to install, it fails. What I read from the below link is that it supports
"Windows 2008 Server Standard and Enterprise Edition with Service Pack 1 and 2. Both 32-bit and 64-bit operating systems are supported on the above versions."
http://www.cisco.com/en/US/partner/prod/collateral/netmgtsw/ps6504/ps6528/ps2425/data_sheet_c78-534877.html
Please help me out on how i should install on the Windows 2008 Server Standard R2. If there is any patch or any other way out.
Awaiting your response.
FaridHi ,
LMS 3.2 is not supported on Windows 2008 Server Standard R2.
here is the supported platoform for LMS 3.2
http://www.cisco.com/en/US/docs/net_mgmt/ciscoworks_lan_management_solution/3.2/install/guide1/prereq.html#wp1110367
Thanks,
Gaganjeet -
Error connecting to the SAP SRV on Windows 2008 Server platform
Hi All
We have a problem with one of our clients they bought a new sbs windows server 2008 and we loaded sql 2005 and sap b1 SP01 PL07.
When we did the SBO install we experience connection issues and we created odbc connection on the server using named pipes and tcp/ip (used both server name and Ip address).
We also configured the server in configuration manager and we managed to login and solved the slow system connection issue. We also created odbc connection on the client machines. (Machine are on a workgroup and users have administration access on all machines),we also installed native client on all machines.
After the first batch of client installs we managed to have connection, they were other computers which were left out during the first client install and now the client want to do the remaining machines connected to SBO. On every machine that we install now we get the same error :-
*Connection failed:
SQLState:'08001'
SQl Server error:10060
[Microsoft][SQL Native Client] TCP Provider: A connection attempt failed because the connected party didnot properly repsond after a period of time, or established connection failed because connected host has failed to respond.
Connectioin failed:
SQLState:'HYT00'
SQL Server Error:0
[Microsoft][SQL Native Client]Login timeout expired
Connection failed:
SQLState:'08001'
SQL Server Error: 10060
[Microsoft][SQL Native client] An error has occurred while establishing a connection to the server. When connecting to the sql server 2005, this failure may be cause by the that*
Please help as most user who need access can't login and they are the main users.
rgds,
Bongani DlaminiHi Eric,
yes we are using Windows 2008 SBS for the SAP EHP4 FOR SAP ERP 6.0/NW7.01 installation.
we tried to create the key but it says access is denied.
Actual thing is we got the server with Windows 2008 server 64 bit SBS (standard FE) with Domain Controller (DC) configuration.
We have removed the DC using dcpromo to convert into Wokgroup and tried the SAP installation.
I hope you got the idea and please let me know any further suggestions or it is the problem with the license.
Thanks & Regards,
Prabhu Reddy. -
Bank Statement management in SAP B1 on a VMWare Windows 2008 server
Hi everybody,
One of our customer is using a VMWare Windows 2008 server with SAP B1.
Actual version of Business One is SBO 2007A PL 00 PL 15 (SQL Server 2005).
Since the installation of this server using VMWare, we encouter problems using the SAP B1 Integration Platform for the process of the bank statements.
Everything including bank statements transfer was working very fine on a "real" server before new implementation.
When trying to open the Integration Platform Control Center on the server, we now receive the following message regarding JAVA.
"JAVA Virtual Machine Launcher : could not find the main class : program will exit."
JAVA is well installed on the VMWare server.
We have searched for a solution on the Web and it seems that JAVA and VMWare are not compatible. Does anybody have any information about that ?
Does anybody already have this problem with Integration Platfom on VMWare server ?
Is there a solution to our problem ?
Thanks for all your contributions.
Best regards.
MichelHi Michel,
First of all, your PL is too low. AFAIK, the first supported PL for 2007A SP00 is PL30. You may upgrade your PL first to see if that is a bug or not.
Thanks,
Gordon -
Crystal Reports 2011 not working in windows 2008 server CITRIX
Hi All,
We are using Crystal reports 2011 in windows 2008 server which is CITRIX farm., having crystal reports 2011 runtime in it..
We are using .net applicationton to run the reports.
The crystal reports parameter popup is getting opened. But the calendar icon is not fuctioning ..clicking on the calendar control no pop up appears. no error too..
OK button is not responding. Cancel button too.
Can you please help us why we are facing this issue in CITRIX only. When we are using the same version in desktop, Crystal report is working fine.
Please feel free to ask if required any more details about my problem.
Regards,
Venkat.KIdo's idea is excellent, only addition I'd like to make is the following:
You are trying to run a .NET app. However, CR 2011 does not install any SDKs. So, the directory specified by Ido is not correct. Assuming that by CR 2011 you actually mean "SAP Crystal Reports, Developer Version for Visual Studio .NET", then the directory would be:
C:\Program Files (x86)\SAP BusinessObjects\Crystal Reports for .NET Framework 4.0\Common\Crystal Reports 2011\crystalreportviewers\prompting
If that does not help, use Process Monitor and see what the logs tell you (look for Access Denied messages).
- Ludek
Senior Support Engineer AGS Product Support, Global Support Center Canada
Follow us on Twitter -
Windows 2008 Server and HP Color LaserJet 2605dn Driver Issue when Sharing Printer
I have a HP Color LaserJet 2605dn printer that I need to setup on a Windows 2008 server. I need the server to act as a Print server, but I have been unable to get any drivers to load other than the 64 Bit Universal drivers. Because most of the company uses XP (32 and 64 bit), I also need to load those drivers under additional drivers; however, I have been unable to load them, when I point to the INF file (any of the 10 that unzip from the driver package), it says it is not for this printer. I have even tried the generic 32 bit PS and it says the same thing. Any ideas on what I am doing incorrectly or where to get the drivers that I need?
Thanks,
GaryHello, I have the same problem. For the 2605 Printer is only the universal print driver available. Is seems that HP is to be lazy about making new 2008 driver.
-
Cant add a printer in Windows 2008 Server printer server HP LaserJet P1606dn
Hello,
I am trying to install a HP LaserJet P1606dn printer in a Windows 2008 Server Virtual machine.
The printer is connected to the corporate network and I am able to do ping from my desktop to the printer.
Then I follow this steps.
1.- Install the driver application for W2008 Server.
2.- Add printer in W2008 Printer Server.
3.-Select "add a local or network printer" as an administrator.
4.- Choose network printer
5.-Create a new port --> Standard TCP/IP Port
6.- Fill the host name ---> ("printer1") or IP address --> (XX.XXX.XX.13) I have tried the both options separately but with no result. And fill the port name
7.-At this stage . W2008 Server tells me that " the device is not found on the network" . Be sure that: .....
So, in select device type, I select "Standard" and "Generic Network Card" and click on Next
8.- Install printer driver -> I select the proper driver HP LaserJet 1606dn
9.- Install the printer driver ---> use the driver that is currently installed (recommend)
10.- Type printer name --> "printer1"
11.-Share printer name ---> "printer1"
Here, begins the problem. Trying to print a test page, It says me that "A test page has been sent to your printer", I can see the document in the queue, but the printer page it isn`t thrown away outside.
I dont explain myself why, I have done several trials, and I dont know what happens
I would be very grateful if somebody could help me to solve this issue
Many Thanks
RobertHi lespaul80,
1st- check if you can connect to your printer on web interface(in IE: \\printer ip address
and check under network setup if subnet mask and def. gateway setup
also if you have DNS setup check it too
check if you have SNMP options - desable it
on server try ad printer by direct IP and try use upd drive(PCL6 or PS)
Hope it help you
Regards,
I am an HP employee.
*Say thanks by clicking the "Kudos! Star" which is on the left*
*Make it easier for other people to find solutions, by marking my answer with "Accept as Solution" if it solves your issue.* -
Windows 2008 Server R2 64 bit what version of server applications?
Hi, I'm new here please let me know what version of the OAS [Oracle Applikation Server] is required for the server running Windows 2008 Server R2 64 bit? Server wants to use the forms. I will be grateful for links to the version.
I greet.Hi,
As far as I can see OAS is not supported on Windows 2008 R2. You can have a look here:
http://www.oracle.com/technetwork/middleware/ias/downloads/fusion-certification-100350.html
10gR3 - http://www.oracle.com/technetwork/middleware/ias/downloads/oracle-soa-certification-r3-10-131499.xls
10gR2 - http://www.oracle.com/technetwork/middleware/ias/downloads/as-certification-r2-101202-095871.html
Regards Peter Lorenzen
Maybe you are looking for
-
PCMICA Media Card Reader only mounts once per session
After I restart and insert my PCMICA media card reader will show up on the desktop but only once. After I eject the card and reinstall it will not show up on the desktop. The card appears in the menu bar but no where else not on the desktop or in a f
-
Importing/scaling 720x480 video into 1920x1080 sequence
I have AVI file from my older DV camcorder that is 720x480 29.97fps interlace. I want to use these files in my 1920x1080p 23.976fps Premiere Pro CC 2014 sequence. When I drop a 720x480 video clip into the 1920x1080 timeline, the video appears as a
-
My daughters I phone 4 acts as though it is sideways when being used for the camera, messaging, and music, Shutting the phone off seemed to fix it the first time, but it has acted up again and that remedy no longer works. Am I missing something in
-
Why is photoshop only reading 4mb of ram?
I have photoshop 5.1 64bit and it is reading 24mb ram. When I upgraded to photoshop cc it is only reading 4mb. There was no option I seen for 64 bit systems.
-
Verify values in each partition
Hi, I have a table that is partitioned by day. Every they there maybe values putted in the table or not. This table is used to place alarms. I have a fields : week_id. To check what week_id is loaded into the day and to check how many week_id's are i