With the big push of Extreme wireless to schools over the last several years this needs to be implemented since every school district we work with is using Chromebooks and they are starting to require 802.1x which Google supports through Secure LDAP. We have implemented this on every other wireless platform we deploy just not successfully with XIQ even though everything seems to be there for the configuration. I just got this response from GTAC...
"Pete. I reached out to my superiors and confirmed that we do not support Google Workplace for RADIUS/Wireless SSID authentication. Jake S."
This is not acceptable.
You may use ppsk as alternative way, there is XIQ-GSuite-PPSK-Sync Script on Github which can syn GSuite user groups with PPSK user groups. Just FYI, I haven't tested it. https://github.com/extremenetworksSA/XIQ_Gsuite_PPSK_Sync
You mean like this?
I don't think you'd want this in XiQ itself to be honest, it's kind of a big deal to implement, and might slow things down overall. Running it as part of your NAC (Which is designed for advanced authentication requirements) is a far better idea and is the kind of scenario you would use it with.
Not full access control, just user authentication/verification to be able to log onto the wireless. You can configure LDAPS with certificates and everything Google requires within XIQ but for some reason it just will not connect to ldap.google.com to authenticate even though we can resolved the fqdn and using ldapsearch we can verify connectivity to it from CLI from Site Engine. So it is operational, just the APs won't use it properly. What's the point of having all the options in XIQ to make the connection for it to not even try?