Extreme Cloud

Expand all | Collapse all

Registration with Azure AD via Open ID Connect

  • 1.  Registration with Azure AD via Open ID Connect

    Posted 08-08-2018 07:40
    I see ExtremeConnect 8.1 allows custom Open ID Connect providers, has anyone done this to authenticate to an Azure AD tenant? What username shows up? Can I then match that against an LDAP group for authorization? Pass the username to other applications with ExtremeConnect? Provision a custom I-SID?

    The reason I want to auth to Azure AD is to just have laptops auth with their machine account to WPA2-Enterprise wireless but then authenticate the user at the network layer (since switching between machine and user auth at the wireless layer slows down unlocking/resuming from sleep). And pass that information to our web filter via the Lightspeed RADIUS integration, and of course do policy based on group membership.

  • 2.  RE: Registration with Azure AD via Open ID Connect

    Posted 09-25-2018 22:28
    James, not possible today. In ExtremeControl, Open ID is designed to be used for guest registration. It cannot be used for 802.1x auth flow at this time. I would suggest to create an FR (Feature Request) by everyone who needs this type of feature. I would like to know the details of the various use cases. But right now you cannot use Open ID for user access flow.