Header Only - DO NOT REMOVE - Extreme Networks

NAC integration with Open Source LDAP


Userlevel 3
We have a customer that has a pending NAC install. Currently they do not have any type of LDAP on their network. They are opposed to using MS Active Directory due to the cost involved.

We have performed NAC installs and integrated it with AD, but never with any other LDAP solution.

While NAC should support any Open Source LDAP solution, I was looking for advice/experiences with NAC implementation using non-MS LDAP.

1 reply

Userlevel 6
Hello Bill,

There are a few customer that are running NAC in an openLDAP configuration. There are a few help files in the NetSight help documentation that should be able to help.

https://gtacknowledge.extremenetworks.com/articles/How_To/How-to-Configure-PEAP-Authentication-via-OpenLDAP/

The difficult piece of this deployment is that openLDAP doesn't support NThashed passwords so on the OpenLDAP server you'll need to create a new password attribute and has the passwords with a script.

In the LDAP configuration there is a pre-canned schema for openLDAP. When you configure the LDAP configuration on the bottom right hand corner click the carrot and pick "Populate with OpenLDAP defaults"

Here's another article where I was able to get a NAC to connect to a cloud openLDAP server.

https://community.extremenetworks.com/extreme/topics/ldap-q5cf6uph23qfm

Thanks
-Ryan

Reply