Splash Page Sign On

PaulSmith
Conversationalist

Splash Page Sign On

I am very new to Meraki so please be gentle 🙂

I have an SSID that uses a Splash page with AD authentication. I am setting up a new AD server (different domain name) and want to switch the authentication over to that server. I have tried by removing the IP addresses of the old AD servers and entering the IP address of the new server and updated the credentials for the new domain but when I try to connect to the SSID, authentication fails. the old AD's are 2012 and the new one is 2016 if that makes any difference. Is there anything I need to set up on the new server to allow this to happen?

9 REPLIES 9
MarcP
Kind of a big deal

What about the test when setting up the AD Server in the dashboard? Is it working?

 

Used this doc?

https://documentation.meraki.com/MR/Splash_Page/Integrating_Active_Directory_with_Sign-On_Splash_Pag...

PaulSmith
Conversationalist

All AP's fail on the new server, I will read the doc you linked now.
PaulSmith
Conversationalist

Following the link doc, I have created a self signed certificate in IIS, and now the Dashboard gives me the following error

Error testing Active Directory, server provided the following error message: unknown result (249)

I have checked and the firewall allows incoming on port 3268.

Googling the above error doesn't return much that is of use. Any further suggestions?

 

Does the new AD server have a self signed certificate on it to allow encrypted LDAP?

 

This looks like a relatively complete guide.

https://bl.ocks.org/magnetikonline/0ccdabfec58eb1929c997d22e7341e45

I will get onto that first thing tomorrow, thanks.

Sometimes you get issues with the TLS version used.  I'm a little hazy on it, but you probably want TLSv1.1 enabled on the AD controller.  Save this issue for a "last resort".

Hi Paul, I am seeing the same error in our environment. Did you solve this?

EX100
Just browsing

Hello Smith,

Please were you able to get the above solved. I am getting a similar error.

EX100_0-1637580956591.png

Please advise.

Incase anyone sees this - the issue is probably due to having the username entered as DOMAIN\Username. Just omit DOMAIN\ and try testing again.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels