Active Directory Configuration and Authentication in Meraki MX250

apardeep25
New here

Active Directory Configuration and Authentication in Meraki MX250

I need to verify the configuration and authentication of Active Directory in my Meraki MX250 appliance. I want to ensure that my Active Directory is correctly connected to the Meraki MX250 dashboard.
 
Specifically, I would appreciate guidance on:
1. Verifying Active Directory configuration in the Meraki MX250 dashboard.
2. Confirming the authentication between Active Directory and the Meraki MX250 appliance.
3. Accessing relevant logs or monitoring tools for Active Directory authentication.
 
Any tips, best practices, or troubleshooting steps you can provide would be greatly appreciated.
4 Replies 4
alemabrahao
Kind of a big deal
Kind of a big deal

Configuration Overview

The following steps outline the required configuration (both in Dashboard and Active Directory) to allow for AD-based group policy application. Please be sure to follow each step as accurately as possible, errors can be difficult to diagnose and resolve.

  1. Create an Active Directory site for the MX so users authenticate against the correct Domain Controll...
  2. Enable security auditing on Active Directory Domain Controllers so the MX can obtain all relevant lo...
  3. Enable the Global Catalog role on each Domain Controller because the MX uses LDAP/TLS over TCP port ...
  4. Install a digital certificate on each Domain Controller for LDAP/TLS.
  5. Certificate Requirements for TLS
  6. Create groups in Active Directory which will be mapped to Group Policies in Dashboard.
  7. Add users to groups in Active Directory. 
  8. Configure Group Policies in Dashboard.
  9. Configure Active Directory Authentication in Dashboard.
  10. Create LDAP group to Group Policy mappings in Dashboard.

 

Multiple Language Server Support

The support to query Microsoft Active Directory servers configured for non-English languages is presently not supported. This functionality is currently under consideration by the Product and Engineering teams. We do not have an ETA on implementation.

 

 

Full doc: https://documentation.meraki.com/MX/Content_Filtering_and_Threat_Protection/Configuring_Active_Direc...

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
apardeep25
New here


Thanks for the response! How can I check the AD info? The configurations were already made by the previous employee. I want to check the information related to AD on Meraki to confirm which AD is being used and fetch its information. In short, I need the AD information from my console. 

alemabrahao
Kind of a big deal
Kind of a big deal

Check the full documentation on the link above.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
PhilipDAth
Kind of a big deal
Kind of a big deal

You at least need to narrow down what you have AD authentication enabled for.  Client VPN, splash pages, content filtering, what?  All have different configurations.

Get notified when there are additional replies to this discussion.