New install - LDAP Auth

Solved
cgbenne42
Conversationalist

Hey all!

I'm setting up a new deployment and cannot get LDAP working for a secured wireless network.

I added an AD account to the top of the Users OU and set it to the following in the LDAP Admin field:

cn=meraki,dc=Users,dc=intra,dc=domain,dc=gov

When I input the correct username and password for a test, I just hit the following error:

[Screenshot 2025-06-10 133443.png]

I'm able to ping the internal DC address from the AP with no issues.

Could somebody point me in the right direction for this one?

-Chloe

1 Accepted Solution
Mloraditch
Kind of a big deal

Are you able to do an LDAP bind using those creds from a PC on the same subnet as the APs? You can use the LDP tool to test: https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/c...

It's also quite possible there is a cert issue. You might need to use port 636 instead. Packet captures can really help with diagnosing LDAP connectivity issues. You may want to capture the transaction on your server's NIC to verify the traffic is being received and what is happening.

If you found this post helpful, please give it Kudos. If my answer solves your problem please click Accept as Solution so others can benefit from it.


5 Replies
alemabrahao
Kind of a big deal

  1. Enter the IP address of your LDAP server in the Host field and the LDAP listening port which is normally 389 in the Port field.
    Note: Cisco Meraki APs (MRs) will use Secure LDAP over TLS.
  2. For LDAP admin, enter the distinguished name of the administrative account to be used by the AP to bind to your LDAP server, for example cn=admin,dc=example,dc=com, and the password.

https://documentation.meraki.com/MR/MR_Splash_Page/Configuring_Splash_Page_Authentication_with_an_LD...

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
cgbenne42
Conversationalist

I've entered it correctly as indicated by the KB, shown in my screenshot above, but the AP keeps failing to connect. 

cgbenne42
Conversationalist

I placed my laptop on the wireless VLAN and LDP works perfectly with the dedicated meraki account in AD. I'll see if the traffic is passing in Wireshark, but the initial testing with LDP shows a valid and successful connection.

cgbenne42
Conversationalist

After installing Wireshark and watching the traffic, I noticed an SSL/TLS error that led me to the KB article below. It was the issue outlined in the article that directed me to a cert issue I had to fix.

Active Directory Issue Resolution Guide - Cisco Meraki Documentation

This one is good to go.

@Mloraditch you sent me down the right path!
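
As a concrete version of the two things this thread turned on, the bind test Mloraditch suggested and the certificate failure Chloe found in the Wireshark capture, here is an added example that is not from this thread, from Meraki or from Microsoft. It is a stdlib-only Python script to run from a PC on the AP VLAN: it opens TLS to the DC on 636 with full certificate verification (a rejected certificate surfaces here as the same class of failure Wireshark shows as a TLS alert after the ServerHello), then sends an LDAPv3 simple bind with the DN and password the AP is configured with and decodes the result code. The host name, bind DN and password in the block are placeholders, not values from the thread; the sample BindResponse bytes are constructed, not a capture.

```python
"""LDAPS certificate + simple-bind check for an AP's LDAP settings.

Added example, not code from the thread or from Meraki.  Run it from a PC on
the same VLAN as the APs, against the DC the AP is configured to use.
Host, DN and password in __main__ are placeholders (assumptions), not values
from the thread.  Stdlib only: no ldap3, no LDP.
"""
import socket
import ssl

# RFC 4511 result codes a bind commonly returns.
LDAP_RESULT = {0: "success", 32: "noSuchObject", 34: "invalidDNSyntax",
               49: "invalidCredentials", 53: "unwillingToPerform"}


def ber_len(n: int) -> bytes:
    """BER length octets: short form below 128, long form (0x8N + N bytes) otherwise."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def ber_tlv(tag: int, payload: bytes) -> bytes:
    """One BER element: tag, length, value."""
    return bytes([tag]) + ber_len(len(payload)) + payload


def read_tlv(buf: bytes, pos: int = 0):
    """Decode one BER element at buf[pos]; return (tag, value, position after it)."""
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first & 0x80:                       # long-form length
        n = first & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    else:
        length = first
    return tag, buf[pos:pos + length], pos + length


def build_bind_request(msg_id: int, bind_dn: str, password: str) -> bytes:
    """LDAPMessage { messageID, BindRequest { version 3, name, simple password } } (RFC 4511 4.2)."""
    if not 1 <= msg_id <= 127:
        raise ValueError("this helper encodes messageID as a single BER integer byte")
    bind = (ber_tlv(0x02, b"\x03")                        # version: INTEGER 3
            + ber_tlv(0x04, bind_dn.encode("utf-8"))      # name: LDAPDN
            + ber_tlv(0x80, password.encode("utf-8")))    # authentication: simple [0]
    # 0x60 = [APPLICATION 0] BindRequest; outer 0x30 = LDAPMessage SEQUENCE
    return ber_tlv(0x30, ber_tlv(0x02, bytes([msg_id])) + ber_tlv(0x60, bind))


def parse_bind_response(msg: bytes):
    """Return (messageID, resultCode, diagnosticMessage) from an LDAPMessage carrying a BindResponse."""
    tag, body, _ = read_tlv(msg)
    if tag != 0x30:
        raise ValueError("not an LDAPMessage SEQUENCE")
    _, mid, pos = read_tlv(body)                          # messageID
    tag, op, _ = read_tlv(body, pos)
    if tag != 0x61:                                       # [APPLICATION 1] BindResponse
        raise ValueError(f"expected BindResponse, got tag 0x{tag:02x}")
    _, rc, pos = read_tlv(op)                             # resultCode ENUMERATED
    _, _matched_dn, pos = read_tlv(op, pos)               # matchedDN
    _, diag, _ = read_tlv(op, pos)                        # diagnosticMessage
    return int.from_bytes(mid, "big"), int.from_bytes(rc, "big"), diag.decode("utf-8", "replace")


def ldaps_bind(host: str, bind_dn: str, password: str, port: int = 636,
               verify: bool = True, timeout: float = 5.0) -> str:
    """Open TLS to the DC, optionally verifying its certificate, then try the bind.

    verify=True behaves like a strict client (chain + hostname); verify=False only
    needs the handshake to complete, which separates a trust problem from a wrong DN.
    """
    ctx = ssl.create_default_context()
    if not verify:
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw, \
                ctx.wrap_socket(raw, server_hostname=host) as tls:
            tls.sendall(build_bind_request(1, bind_dn, password))
            _, rc, diag = parse_bind_response(tls.recv(4096))   # bind responses are small
            return f"bind result {rc} ({LDAP_RESULT.get(rc, 'other')}) {diag}".strip()
    except ssl.SSLCertVerificationError as e:
        return f"TLS certificate rejected: {e.verify_message}"  # the cert problem class in the thread
    except (OSError, ssl.SSLError) as e:
        return f"connection failed: {e}"


# Constructed sample (not a capture): the response a DC sends for a wrong password.
SAMPLE_BIND_RESPONSE = ber_tlv(0x30, ber_tlv(0x02, b"\x01") + ber_tlv(
    0x61, ber_tlv(0x0a, b"\x31") + ber_tlv(0x04, b"") + ber_tlv(0x04, b"invalidCredentials")))

if __name__ == "__main__":
    print(parse_bind_response(SAMPLE_BIND_RESPONSE))
    # Placeholders: point these at your own DC and the AP's bind account.
    print(ldaps_bind("dc1.intra.example.gov",
                     "cn=svc-ldap,cn=Users,dc=intra,dc=example,dc=gov", "change-me"))
```

Run it first with `verify=True`; a message about a hostname mismatch, a self-signed certificate or an unknown issuer is the certificate problem class the Active Directory Issue Resolution Guide covers. Run it again with `verify=False` to confirm the bind itself works regardless of trust. A result of 49 (invalidCredentials) after a clean handshake means the DN or password is wrong rather than the transport, and that is where to double-check the DN syntax in the LDAP Admin field.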
