MS365 credentials

SOLVED
gcooney14
Conversationalist

MS365 credentials

Hello All, 

 

Question... Do you all know if MS365 credentials can be an auth option for Meraki wireless?

 

Thanks!

-Greg

1 ACCEPTED SOLUTION
PhilipDAth
Kind of a big deal
Kind of a big deal

If you mean authenticating directing against AzureAD - not it can not.  If you had an on premise AD environment using ADConnect to AzureAD to do directory synchronisation then you could deploy a local Network Policy Server (RADIUS) to authenticate against,

View solution in original post

10 REPLIES 10
PhilipDAth
Kind of a big deal
Kind of a big deal

If you mean authenticating directing against AzureAD - not it can not.  If you had an on premise AD environment using ADConnect to AzureAD to do directory synchronisation then you could deploy a local Network Policy Server (RADIUS) to authenticate against,

That answers it. Thank you!

If you think I helped it would be great if you could give me some Kudo's.

BHEEM
Conversationalist

How stable is AD authentication in terms of security, we have been advised by security experts to change to AD authentication to make the WiFi network more stable. We have similar setup us you mentioned. 

Uberseehandel
Kind of a big deal

Perhaps the simplest/cheapest way of implementing this is to set up AD Connect on a VM running a Nano Win2016 server, and linking that to Azure AD.

https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/deployment/azure-active-directory-con...

Robin St.Clair | Principal, Caithness Analytics | @uberseehandel


@Uberseehandel wrote:

Perhaps the simplest/cheapest way of implementing this is to set up AD Connect on a VM running a Nano Win2016 server, and linking that to Azure AD.

https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/deployment/azure-active-directory-con...


use the link below

https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/deployment/azure-active-directory-con...

 

can't see what was wrong with previous link.

 

 

Robin St.Clair | Principal, Caithness Analytics | @uberseehandel

Thank you,
Uberseehandel
Kind of a big deal

Apparently MS has been busy - Azure MFA with RADIUS authentication 

020617_0251_AzureADNews1[1].png

 

As a solution to a different problem, I am looking at using a device that has a Radius server that can be synched with Azure AD, in the new year I shall attempt to get it working with AD and see if it can be used for WiFI authentication, without digging into the API.

 

I also use Univention's UCS which is cost effective

 

 

 

 

Robin St.Clair | Principal, Caithness Analytics | @uberseehandel
PhilipDAth
Kind of a big deal
Kind of a big deal

Per user authentication (such as AD Authentication) allows the user of WPA2-Enterprise mode, which generates per-user keys.  It is far superior to everyone using the same pre-shared key.

 

Take the simple task of administration.  If one person leaves, you disable their AD account and they can no longer access WiFi.  If you are using a pre-shared key they can either continue to access the network, or you have to change the pre-shared key on the WiFi network and every single device that connects to it.

Johan
Here to help

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels