cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
  • About vmadriga

Systems manager integration with Active Directory

by in Mobile Device Management
3 weeks ago
3 weeks ago
Hi All,   I am trying to integrate Systems Manager with Active Directory via SM agent installed on a windows server machine however it is failing without any additional information. Both the Active Directory and the Windows machine with the SM installed have IP connectivity (I did a packet capture and I only see 3 packets being exchanged between the 2 machines a Syn packet  from the machine with the SM agent -> a Syn Ack packet  from the Active Directory -> a Reset packet from the machine with the SM agent.    I also see the following logs in the "m_agent_service.log" file:   2021-04-21 12:56:45.473186 [5624]: Connecting to LDAP host 172.11.30.1:389 2021-04-21 12:56:52.681089 [8672]: ConnState::sample_win_common(): NOT ASSOCIATED, not getting net states 2021-04-21 12:57:23.16639 [8672]: ConnState::sample_win_common(): NOT ASSOCIATED, not getting net states 2021-04-21 12:57:26.58535 [5624]: TunClient::handle_request [pcc105.meraki.com]: request 2021-04-21 12:57:53.342521 [8672]: ConnState::sample_win_common(): NOT ASSOCIATED, not getting net states 2021-04-21 12:57:56.223684 [5624]: TunClient::handle_request [pcc105.meraki.com]: request 2021-04-21 12:58:17.160678 [5624]: TunClient::handle_request [pcc105.meraki.com]: request 2021-04-21 12:58:17.160678 [5624]: Connecting to LDAP host 172.11.30.1:389 2021-04-21 12:58:23.664916 [8672]: ConnState::sample_win_common(): NOT ASSOCIATED, not getting net states 2021-04-21 12:58:54.6946 [8672]: ConnState::sample_win_common(): NOT ASSOCIATED, not getting net states 2021-04-21 12:58:57.614086 [5624]: TunClient::handle_request [pcc105.meraki.com]: request 2021-04-21 12:59:24.310182 [8672]: ConnState::sample_win_common(): NOT ASSOCIATED, not getting net states 2021-04-21 12:59:27.825735 [5624]: TunClient::handle_request [pcc105.meraki.com]: request 2021-04-21 12:59:54.635399 [8672]: ConnState::sample_win_common(): NOT ASSOCIATED, not getting net states 2021-04-21 12:59:57.990979 [5624]: TunClient::handle_request [pcc105.meraki.com]: request 2021-04-21 13:00:24.908289 [8672]: ConnState::sample_win_common(): NOT ASSOCIATED, not getting net states 2021-04-21 13:00:28.268759 [5624]: TunClient::handle_request [pcc105.meraki.com]: request 2021-04-21 13:00:55.218037 [8672]: ConnState::sample_win_common(): NOT ASSOCIATED, not getting net states 2021-04-21 13:00:58.438841 [5624]: TunClient::handle_request [pcc105.meraki.com]: request 2021-04-21 13:01:25.517997 [8672]: ConnState::sample_win_common(): NOT ASSOCIATED, not getting net states 2021-04-21 13:01:28.627855 [5624]: TunClient::handle_request [pcc105.meraki.com]: request 2021-04-21 13:01:30.877858 [5624]: TunClient::handle_request [pcc105.meraki.com]: request 2021-04-21 13:01:30.877858 [5624]: Connecting to LDAP host 172.11.30.1:3268 2021-04-21 13:01:55.835303 [8672]: ConnState::sample_win_common(): NOT ASSOCIATED, not getting net states 2021-04-21 13:02:11.465363 [5624]: TunClient::handle_request [pcc105.meraki.com]: request 2021-04-21 13:02:20.37348 [5624]: TunClient::handle_request [pcc105.meraki.com]: request   but it is not clear to me why the SM agent is sending the Reset packet and terminating the connection.    Does the domain account used for this integration requires special permissions?   Any comments are really appreciated.     ... View more
Labels:

Re: WPA/WPA2 Enterprise with Certificate Authentication

by in Mobile Device Management
3 weeks ago
3 weeks ago
Thanks Paul,   I did some testing and created a new SCEP certificate specifying the username as the CN:   and then I specify this new SCEP into the Wifi Configuration:   When I enroll the device now I have one certificate installed with the CN field populated with the username specified on the Owners list, however on the Wifi profile installed on the device there is no user certificate configured on the profile.   If I select the default SCEP under Wifi settings and select "Use username as certificate CN" :     I do get a user certificate on the Wifi Profile on the mobile device however this user certificate does not include the username in the CN field, it contains a random number instead.   Is there a document that explains how SCEP policies are applied to Wifi settings and how to specify that the CN field contains the username for the default SCEP?   Any comments are really appreciated.     ... View more

WPA/WPA2 Enterprise with Certificate Authentication

by in Mobile Device Management
4 weeks ago
4 weeks ago
Hi all,   I am configuring the authentication settings on a WiFi profile to push it to mobile devices and I want to use certificate based authentication. I need that the identity certificate distributed to the mobile device includes the username as the CN. Is it a requirement for this to work to integrate the Active Directory into the Systems Manager? Right now I am using local users defined on the "Owners" page and the certificates pushed to the mobile devices does not have the username as the CN in the identity certificate, I am assuming that the username defined in the "Owners" page will be used as the CN but I am not sure if this is correct.    Any comments are really appreciated. ... View more
Labels:
© 2021 Meraki