This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

NAC Manager LDAP Integration with Sub Domain

NAC Manager LDAP Integration with Sub Domain

info_systemhaus
New Contributor II

‎06-15-2015 03:44 AM

We are using NAC Manager with policys to authentificate our Staff which ist coming wireless from a EWC ...

The Authentification works with LDAP against the Domain. .... username\Domain

Example : Hans.Mustermann@thhf.net

Now we want to integrate also the students from our School into this ldap authentification,

but they are located into an subdomain.

Example : Franz.Mustermann@stud.thhf.net

Does this work with Nac Manger from Extreme ?? , we are using Netsight / NAC Manager 6.1.0

The Nac Manager know the ldap Connection to the Primary Domain and is joined into this Domain, rather a Student send a logon request with his subdomain logon, the ldap should forward this to the subdomain DC ... i think this is more a Windows Problem.

I only want to know if here is anybody who has already a working Environment with subdomains and LDAP Authentification.

Regards

Christian

PS : Sorry for bad gramma .. non native english author

0 Kudos
11 REPLIES 11

Michael_Kirchne
Contributor
In response to Zdeněk_Pala

‎06-15-2015 03:53 AM

Hi Christian,

I think the "Should work" of Pala goes more in the direction that you can't be 100% sure in IT 😉

I deployed NAC in multi domain scenarios and you there you have different kind of deployments.

If you are able to join the NAC into the different domains - all is fine. Eg. myDomain.comand stud.mydomain.com. But you need 2 LDAP Configurations. NAC gets Domain member of both domains.

If you don't have the priveledge for the 2nd domain you've got a pretty good chance to fail even if the 2 domains have a full trust. In this scenario I would set up a pair of Windows NPS servers and use NAC for that domains as a radius proxy.

Regards
Michael
0 Kudos

info_systemhaus
New Contributor II
In response to Zdeněk_Pala

‎06-15-2015 03:53 AM

Many THX ... but should work is not enough.... 

I want to find someone who has a working NAC Manager LDAP Integration with Sub Domains

As you write .. different LDAP Server Settings .. should not work, because as far as i know .. the Nac Manager LDAP join the Domain and Need every time the connect to the Primary Domain ....

0 Kudos
GTM-P2G8KFN