setup An AP as Radius server to access external AD

  • 1
  • Question
  • Updated 4 years ago
  • Answered
bin yu
bin yu 3 days ago
could anyone help me to setup An AP as Radius server to access external AD
1. setup a AAA User Direcotry
select AD, filled domain name, AD server address,
the retrieved get BaseDN.
input an existed Computer OU
filled admin user and password to join AD, successfully,
filled admin user as domain user, validated successfully,
save

2. Aerohive AAA Server Setting
database sellected External DB and select my AD as primary
enable Radius server credential caching
at Radius setting set key file password as share scret. leave other as default.
save

3.setup AAA client

4 default user profile point to my vlan. commit but it doesn't work.

I did add server to an AP from Mornitor Tab

when I do AD/LDAP test, I got return error message.

NT_STATUS_ACCESS_DENIED: access denied(###0zxc0000022###)

Anybody can give some hints?

Thanks
Photo of bin yu

bin yu

  • 26 Posts
  • 2 Reply Likes

Posted 5 years ago

  • 1
Photo of Paul Levasseur

Paul Levasseur

  • 11 Posts
  • 2 Reply Likes
Hello Bin Yu,
It looks like the AP you are on is not in he domain. When you went through the setup, you configure one AP to join the domain. During the setup, the LDAP test is required. Did you get through that LDAP test? Are you testing the same AP that you set up during the initial setup, or a different one?
Time is also key, please make sure your timezones and NTP settings are correct on the AP.

I have the excerpt from the training class on the HiveAPs ad RADIUS servers with AD specific configuration. The slides here are from the middle of a class, so there might be a reference to some names for earlier labs that can be ignored.

ftp://training-student:AH-Courseware!@supportftp.aerohive.com/AD/AAWC-Class-5.1r1-revG-AD-Excerpt.pptx

Thanks
Paul
Photo of Matthew Rudkowski

Matthew Rudkowski

  • 38 Posts
  • 2 Reply Likes
Paul just wanted to thank you for these slides, helped me out.
Photo of Andrei Tunes

Andrei Tunes

  • 3 Posts
  • 0 Reply Likes
Hey Paul. Can you give this presentation to me? I can't take through this link...
thanks
Photo of Andrei Tunes

Andrei Tunes

  • 3 Posts
  • 0 Reply Likes
Failed to change directory.
Photo of Kyle Myers

Kyle Myers

  • 5 Posts
  • 0 Reply Likes
Paul, can you provide a different link? I can't seem to get this ftp link to work. Perhaps a dropbox link?
Photo of Paul Levasseur

Paul Levasseur

  • 11 Posts
  • 2 Reply Likes
Hello Bin Yu,
It does not look like the full link got added properly. So just copy and past the whole link into your browser. Also, if prompted, the username is training-student and the password is AH-Courseware!
-Paul
Photo of bin yu

bin yu

  • 26 Posts
  • 2 Reply Likes
thanks Paul

I followed it and solved
Photo of JamesC

JamesC

  • 12 Posts
  • 0 Reply Likes
Thank You for the link..
Photo of Edwin Amoo

Edwin Amoo

  • 3 Posts
  • 0 Reply Likes
The link ftp://training-student:AH-Courseware!@supportftp.aerohive.com/AD/AAWC-Class-5.1r1-revG-AD-Excerpt.pptx  does not seem to work please help

Photo of Corey Kemp

Corey Kemp

  • 7 Posts
  • 0 Reply Likes
Looks like the content on the FTP site has changed, any chance these slides could be replaced? Cheers
Photo of David Coleman

David Coleman, Employee

  • 27 Posts
  • 29 Reply Likes
You can download the latest courseware from our FTP server:


Please go to the Aerohive Training FTP server:

FTP server:
ftp://supportftp.aerohive.com

User: training-student

Password: AH-Courseware!
Photo of Corey Kemp

Corey Kemp

  • 7 Posts
  • 0 Reply Likes
Thanks for the update David. Unfortunately, the path /AD/AAWC-Class-5.1r1-revG-AD-Excerpt.pptx no longer exists.

Does this document live in another location now perhaps?

Thanks

Corey
Photo of David Coleman

David Coleman, Employee

  • 27 Posts
  • 29 Reply Likes
The slides you want are the ACWP slides. We renamed the AAWC class to ACWP. the latest and greatest slides are in the ACWP folder.