LogoLogo
  • Configuration Topic
    • Configuring SAML SSO with ADFS
      • Feature Overview
      • MSP Portal Configuration
      • ADFS Configuration
    • Authentication with Microsoft Entra ID LDAP Server
      • Setup Secure LDAP for Microsoft Entra ID Domain Service
      • Configure Microsoft Entra ID Authentication for SSID
      • Setup LDAP Profile on Client Devices
      • Appendix
      • Troubleshooting
Powered by GitBook
On this page
Export as PDF
  1. Configuration Topic
  2. Authentication with Microsoft Entra ID LDAP Server

Configure Microsoft Entra ID Authentication for SSID

PreviousSetup Secure LDAP for Microsoft Entra ID Domain ServiceNextSetup LDAP Profile on Client Devices

Last updated 11 months ago

By following the steps below, you can configure Microsoft Entra ID (Azure ID) authentication for your SSID, ensuring secure access to your wireless network.

Ensure your EnGenius Cloud APs have an active Pro License and that the Org AP feature plan is set to Pro. You can then configure them to use the Microsoft Entra ID (Azure AD) LDAP Server for WPA2/WPA3-Enterprise or Captive Portal authentication.

To get started:

  1. Choose the SSID to Enable Azure AD Authentication.

    • Go to Org / Network.

    • Click the EnGenius WiFi in the SSID list.

  2. Choose the Security Type and Authentication Type to apply for this SSID.

    • Security Type: Click Wireless > Security Type > WPA2 or WPA3 Enterprise.

    • Authentication Type: Click Captive Portal > Authentication Type > Azure AD.

  3. Select Authenticate with Azure AD.

    • Fill in the Host, Port, Account, and Password.

    • Base DN (Optional): Starting point of the LDAP directory tree when the AP requests the search of the corresponding user’s credentials in the LDAP server. If the field is empty, the AP auto-detects the configuration from the Azure AD/Entra ID LDAP server. Otherwise, the user can set the specified Base DN string according to the Azure AD host. (Format: ou=AADDC Users,dc=engenius-azure,dc=ddns,dc=net).

    • (Optional) Import the Authenticator certificate for customized content and domain.

Note:

The certificate is used between the Access Point and wireless client devices, like 802.1X with RADIUS Server.

Choose the SSID
Choose WPA2/WPA3 Enterprise for Security Type
Choose Azure AD for Authentication Type