cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Meraki AP integrate with Gsuite AD

Highlighted
Building a reputation

Meraki AP integrate with Gsuite AD

Dear Expert ,

 

Our customer has AD in Gsuite (Cloud) , and contains many users in that cloud AD.

Their requirement is to integrate Meraki AP with Gsuit AD to specific OU.

 

The purpose of doing this is that , when user login to WIFI_STAFF SSID , they just use their username and password of their user AD at Gsuite.

 

Another requirement login once will take 1 year to be login again for that specific device.

 

Can we able to accomplish this as well ?

8 REPLIES 8
Highlighted
Kind of a big deal

Re: Meraki AP integrate with Gsuite AD

Not natively, as far as I know. You'll need to sync your GSuite directory to something like https://jumpcloud.com/product/cloud-radius and leverage RADIUS for user authentication.

Highlighted
A model citizen

Re: Meraki AP integrate with Gsuite AD

I don't have any experience with Gsuite AD.

 

That being said, from what I read, it should be possible by using Secure LDAP. However, it does require a RADIUS server, but you should be able to use something like FreeRADIUS for this.

 

Point the Meraki SSID towards the RADIUS server, and it should be communicating with Secure LDAP.

Highlighted
Head in the Cloud

Re: Meraki AP integrate with Gsuite AD

I used the built in Google credential option for wireless access at a couple schools.  I am not sure if that is different than what you are describing, but basically all students and staff can join wireless using their Google/GSuite credentials.  The domain could be limited like publicschool123.com to prevent just anyone with a Gmail account gaining access.

 

As for the one year renewal requirement I am not sure you can control that.  I would think Google forces reauthenication at some interval.  Maybe 30 days, for example.

 

 

Highlighted
New here

Re: Meraki AP integrate with Gsuite AD

 

Hey, Brandon with JumpCloud here.

 

I'm not in any sales capacity, but I'll second that suggestion that on the surface, this looks to be a good fit for a JumpCloud deployment.

 

How that would look: Both AD and G Suite would integrate with JumpCloud, and JumpCloud would become the authoritative source for the user credentials in both — a password change in JumpCloud would smoothly result in a simultaneous password change in both. Suspend or delete a JumpCloud user, and that user is simultaneously locked out of both.

 

Then, you'd point your wireless access points at our cloud RADIUS servers (we have them in US East, US West, EU and APAC), and each user's same credentials would at that point apply to RADIUS access too, no need for an on-premises RADIUS server.

 

It's free to try at https://console.jumpcloud.com/signup and we have a pubic Slack community at http://ow.ly/seTs30qO7WX . Hope that gives you something to consider.

 

Highlighted
Building a reputation

Re: Meraki AP integrate with Gsuite AD

Hi Brandon ,

 

Yes , the same thing you describe , just need one more requirement , i need to limit the domain like abc.com then only staff ou can access the wifi.

 

can we restrict on OU of the domain as well ?

Highlighted
Kind of a big deal

Re: Meraki AP integrate with Gsuite AD

I'm not Brandon (sorry 😉), but: yes

Highlighted
Head in the Cloud

Re: Meraki AP integrate with Gsuite AD

Brandon here to also say, yes.  This is, as long as the staff and students use different domains like abcStudents.edu and abcStaff.edu.  Here is what the configuration page looks like:

 

https://documentation.meraki.com/MR/MR_Splash_Page/Google_Sign-In

 

@CptnCrnch is your username a nod to the 2600hz whistle?

 

 

Highlighted
Kind of a big deal

Re: Meraki AP integrate with Gsuite AD


@CptnCrnch is your username a nod to the 2600hz whistle?

Good catch @BrandonS!

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.