Meraki

Community

Active Directory logons not being logged with connecting via meraki APs

SnafuNL
Comes here often
‎Feb 2 2021 6:48 AM
‎Feb 2 2021 6:48 AM

Active Directory logons not being logged with connecting via meraki APs

Hello

 

I'm working in an environment with MR-42 APs and an non-meraki firewall. The APs are authenticating to Active Directory using RADIUS, which works as expected, but it seems that an account logon from the client WLAN IP is never logged within Active Directory. Our firewall uses those AD logs to map usernames to IP address for access control purposes.

 

We have a another site using an Aruba set-up and authenticating against the same AD/RADIUS server and that logs properly. Is there a way to configure the Meraki to support this?

 

Thanks    

0 Kudos
1 Reply 1
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Feb 2 2021 11:05 AM
‎Feb 2 2021 11:05 AM

Either group policy does not have audit controls configured to log the events - or the logons are using cached mode and hence are not occurring.

 

Some things you can check:

  • You are allowing "Domain Computers" to authenticate so that when a domain computer tries to authenticate it can talk to an AD controller rather than having to use cached mode.
  • You haven't got group policy configured to wait for the network for logon causing cached mode to be used.  Computer Configuration → Administrative Templates → System → Logon → Always wait for the network at computer startup and logon.

 

 

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2025 Cisco Systems, Inc.