Configure Active Directory Authentication for Wireless Network Access (SSID)
Last updated
Last updated
There are two ways to enable Microsoft AD Authentication to authenticate wireless users with EnGenius Cloud.
Enable Security Type WPA2/WPA3-Enterprise with AD Authentication.
Enable Captive Portal for user authentication with Active Directory Server.
The steps below show only the important settings. Please refer to Microsoft documentation and support for assistance.
Select the Active Directory Domain Services role to promote a domain controller in the Server Roles steps.
Configure Access Permission for verifying user credentials
To specify which organization units and groups EnGenius AP can access to verify the user’s credentials.
Create Firewall rules which are needed for AP to join domain and authentication (ref: https://docs.microsoft.com/en-us/troubleshoot/windows-server/identity/config-firewall-for-ad-domains-and-trusts)
88/TCP/UDP Kerberos
389/TCP/UDP LDAP
445/TCP SMB
Note: Microsoft Active Directory server needs to be located in the same VLAN subnet as AP’s management VLAN interface. Even though the SSID enables VLAN, AP still sends SMBv1 packets to communicate with the Active Directory server via AP’s management VLAN interface.
Login to EnGenius Cloud ( https://cloud.engenius.ai ) and click the (hamxxxx) icon to select the Network for configuration.
Go to Configure > SSID and select a specific SSID name from the list
From the Wireless tab, select WPA2 Enterprise for Security Type
Select Active Directory for user authentication
Click Add a server and enter the configuration (Host, Port, Admin, and Password) for the Active Directory server.
Click the Apply button to save SSID configurations.
Note: Authentication with Active Directory is a feature in Pro Plan, and it requires a PRO license to enable it.
Login to EnGenius Cloud ( https://cloud.engenius.ai ) and click the (hamxxxx) icon to select the Network for configuration.
To get started: Go to Configure > SSID and select a specific SSID name from the list.
From the Wireless tab, set the Security Type to Open.
Enable Captive Portal from the Captive Portal tab.
Select Active Directory for Authentication Type
Click Add a server and enter the configuration (Host, Port, Admin, and Password) for the Active Directory server.
Click the Apply button to save SSID configurations. Note: Authentication with Active Directory is a feature in Pro Plan, and it requires a PRO license to enable it.
Note: Authentication with Active Directory is a feature in Pro Plan, and it requires a PRO license to enable it.