06-02-2020 04:43 PM
I need the ability for any AD computers to authenticate across the network so we do not have to enter the SSID passphase/Passcode if we make changes to the SSID Profile/Policies, and reduce the number of current SSID’s.
06-04-2020 09:36 AM
Hi,
as John mentioned the part on CloudIQ is pretty easy and most of the things are done on the RADIUS server.
Here how the settings look for my 802.1X EAP-PEAP WLAN.
The RADIUS server (in my case ExtremeControl) will reply with either VLAN 1 or 200 according to my AD/LDAP groups.
-Ron
06-03-2020 07:08 PM
This is probably a question better asked on a windows forum. You can use device AD accounts for authentication and use group policy so a computer will authenticate to an 802.1x SSID at boot. Then it can retain that authentication or re-authenticate with user credentials at login.
There are certificate options as well but I don’t know details of those methods.