Hi Craig,

I have just upgraded from ACS v4.2 to v5, so bear that in mind with my answer. LDAP can be used to authenticate users on the WLC directly. WLC cannot talk to AD and has to use ACS to authenticate users.
The scenario might be a WLC at a remote site with no redundant WAN link and there is an outage. There is a Windows server on-site which contains a copy of the user database. The WLC loses connectivity to the central ACS server and can then fail over to local EAP and authenticate against the local Windows server with LDAP. Keep in mind that LDAP by default can only do clear text passwords, so you would need to use EAP-FAST/GTC, PEAP-GTC or EAP-TLS to authenticate with the client.

Hope this helps and comments welcome.

Cheers,
Leigh

On 6 October 2011 06:10, craig schnarrs <[email protected]> wrote:
> I'm working on some ACS 5 goodness and was just wondering...
>
> What's the difference between configuring ACS 5 for LDAP vs configuring for
> AD? When would you use LDAP? Would you ever do both?
>
> _______________________________________________
> For more information regarding industry leading CCIE Lab training, please
> visit www.ipexpert.com
>
> Are you a CCNP or CCIE and looking for a job? Check out
> www.PlatinumPlacement.com <http://www.platinumplacement.com/>
