cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

MS365 credentials

SOLVED
Conversationalist

MS365 credentials

Hello All, 

 

Question... Do you all know if MS365 credentials can be an auth option for Meraki wireless?

 

Thanks!

-Greg

1 ACCEPTED SOLUTION

Accepted Solutions
Kind of a big deal

Re: MS365 credentials

If you mean authenticating directing against AzureAD - not it can not.  If you had an on premise AD environment using ADConnect to AzureAD to do directory synchronisation then you could deploy a local Network Policy Server (RADIUS) to authenticate against,

10 REPLIES 10
Kind of a big deal

Re: MS365 credentials

If you mean authenticating directing against AzureAD - not it can not.  If you had an on premise AD environment using ADConnect to AzureAD to do directory synchronisation then you could deploy a local Network Policy Server (RADIUS) to authenticate against,

Conversationalist

Re: MS365 credentials

That answers it. Thank you!

Kind of a big deal

Re: MS365 credentials

If you think I helped it would be great if you could give me some Kudo's.

Conversationalist

Re: MS365 credentials

How stable is AD authentication in terms of security, we have been advised by security experts to change to AD authentication to make the WiFi network more stable. We have similar setup us you mentioned. 

Kind of a big deal

Re: MS365 credentials

Perhaps the simplest/cheapest way of implementing this is to set up AD Connect on a VM running a Nano Win2016 server, and linking that to Azure AD.

https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/deployment/azure-active-directory-con...

Robin St.Clair | Principal, Caithness Analytics | @uberseehandel
Kind of a big deal

Re: MS365 credentials


@Uberseehandel wrote:

Perhaps the simplest/cheapest way of implementing this is to set up AD Connect on a VM running a Nano Win2016 server, and linking that to Azure AD.

https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/deployment/azure-active-directory-con...


use the link below

https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/deployment/azure-active-directory-con...

 

can't see what was wrong with previous link.

 

 

Robin St.Clair | Principal, Caithness Analytics | @uberseehandel
Conversationalist

Re: MS365 credentials

Thank you,
Kind of a big deal

Re: MS365 credentials

Apparently MS has been busy - Azure MFA with RADIUS authentication 

020617_0251_AzureADNews1[1].png

 

As a solution to a different problem, I am looking at using a device that has a Radius server that can be synched with Azure AD, in the new year I shall attempt to get it working with AD and see if it can be used for WiFI authentication, without digging into the API.

 

I also use Univention's UCS which is cost effective

 

 

 

 

Robin St.Clair | Principal, Caithness Analytics | @uberseehandel
Kind of a big deal

Re: MS365 credentials

Per user authentication (such as AD Authentication) allows the user of WPA2-Enterprise mode, which generates per-user keys.  It is far superior to everyone using the same pre-shared key.

 

Take the simple task of administration.  If one person leaves, you disable their AD account and they can no longer access WiFi.  If you are using a pre-shared key they can either continue to access the network, or you have to change the pre-shared key on the WiFi network and every single device that connects to it.

Here to help

Re: MS365 credentials

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.