By following the steps below, you'll enable secure LDAP on Microsoft Entra ID and configure the required firewall rules and roles, ensuring secure and seamless authentication for your EnGenius Access Points.
Sign in to the Microsoft Azure Admin console.
Navigate to portal.azure.com and sign in with your credentials.
Enable the Microsoft Entra ID Secure LDAP Server.
Follow the instructions provided in the Microsoft Entra ID documentation to enable the secure LDAP server.
(Optional) Configure an appropriate role for verifying user credentials.
Specify a role that can read keys and values, so that the AP can verify users.
For more information on Microsoft Entra built-in roles, see https://learn.microsoft.com/en-us/entra/identity/role-based-access-control/permissions-reference.
Create a firewall rule for the AP to query your Microsoft Entra ID Secure LDAP Server.
Ensure the rule allows outgoing TCP traffic to port 636 of the hostname ldaps.aaddscontoso.com (hostname and port from step 1).
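The following Python check is an added example, not taken from EnGenius or Microsoft documentation. Run from a host on the same network segment as the AP, it tells a blocked port-636 path apart from a TLS or certificate problem. The function name `check_ldaps` and its result keys are assumptions for illustration; the hostname and port are the ones used above.

```python
import socket
import ssl
import time

# Hostname and port as used on this page; replace with your managed domain's values.
LDAPS_HOST = "ldaps.aaddscontoso.com"
LDAPS_PORT = 636


def check_ldaps(host=LDAPS_HOST, port=LDAPS_PORT, timeout=5.0, cafile=None):
    """Return a dict whose 'status' is 'blocked', 'tls_error' or 'ok'.

    check_ldaps and its result keys are hypothetical names for this example.
    cafile: optional PEM bundle for a private CA that issued the LDAPS certificate.
    """
    result = {"status": "blocked", "detail": "", "days_left": None}
    try:
        # Stage 1: plain TCP connect. Failure here points at the firewall rule,
        # routing or DNS, not at the certificate.
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError as exc:
        result["detail"] = f"TCP connect failed: {exc}"
        return result

    # Stage 2: TLS handshake with chain and hostname verification enabled.
    result["status"] = "tls_error"
    ctx = ssl.create_default_context(cafile=cafile)
    try:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            cert = tls.getpeercert()
            expires = ssl.cert_time_to_seconds(cert["notAfter"])
            result["days_left"] = int((expires - time.time()) // 86400)
            result["status"] = "ok"
            result["detail"] = f"{tls.version()} negotiated"
    except (ssl.SSLError, OSError) as exc:
        result["detail"] = f"TLS handshake failed: {exc}"
    finally:
        sock.close()
    return result


if __name__ == "__main__":
    print(check_ldaps())
```

A `blocked` result means the firewall rule or name resolution needs attention, while `tls_error` means port 636 is reachable but the certificate or its trust chain was rejected.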