Has anyone had any experience with Cisco ACS? We are looking at deploying this as our solution tied to AD.
Thanks, Tony Brzoskowski IS Network Services Specialist University of Wisconsin-Parkside [email protected] 262.595.2629 <http://www.facebook.com/tobrz> FaceBook-icon <http://www.linkedin.com/pub/7/38b/359> Linked-In-icon <http://twitter.com/uwp_cts> Twitter-icon From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:[email protected]] On Behalf Of Ryan Holland Sent: Thursday, March 04, 2010 12:57 PM To: [email protected] Subject: [WIRELESS-LAN] PEAP/MSCHAPv2 + Active Directory recommendations We currently have an 802.1X environment using PEAP/MSCHAPv2 to Steel-Belted radius. SBR queries SQL for user credential validation. We are (thankfully) migrating away from SQL to an Active Directory solution. I have been told by Juniper that we will be unable to search/query for additional attributes in AD since we are using MSCHAPv2; I'm told that PAP (clear text passwords) must be used in order to use the ldap auth to BIND to AD. Being that we need to be able to query for additional attributes, I am inquiring what other institutions are doing. If you are using both PEAP/MSCHAPv2 and Active Directory, I would appreciate you taking a moment to share how you are set up. Feel free to respond off list as well. Many thanks! ========== Ryan Holland Network Engineer, Wireless Office of the Chief Information Officer The Ohio State University 614-292-9906 [email protected] ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
<<image001.png>>
<<image002.png>>
<<image003.png>>
smime.p7s
Description: S/MIME cryptographic signature
