Re: Access Points and Active Directory

Thanks Raul.

What are the authorization rights relevant to wireless network and
can all this be provided by MS-IAS?

I am trying to understand the clear benefits of introducing IAS in between.

On 5/17/07, Raul Siles <raul.siles-Re5JQEeQqe8AvxtiuMwx3w@xxxxxxxxxxxxxxxx> 
wrote:
> Saudi,
> The MS IAS is an AAA server, therefore AP's can talk directly to it.
> I recommend you a 3-layer approach: APs --- IAS --- AD
>
> Cheers,
> --
> Raul
>
> On 5/17/07, saudi sans <saudisans-Re5JQEeQqe8AvxtiuMwx3w@xxxxxxxxxxxxxxxx> 
> wrote:
> > Can I conclude that we donot need any AAA server in between? The
> > Access points can talk directly to MS IAS.
> >
> > On 5/17/07, Raul Siles <raul.siles-Re5JQEeQqe8AvxtiuMwx3w@xxxxxxxxxxxxxxxx> 
> wrote:
> > > Hi,
> > > If you are going to integrate with MS AD, you can use MS RADIUS
> > > server, called MS IAS - Internet Authentication Service:
> > > www.microsoft.com/technet/network/ias/default.mspx
> > >
> > > It's free if you have the Windows Server versions.
> > >
> > > Cheers,
> > > --
> > > Raul Siles
> > > GSE
> > > www.raulsiles.com
> > >
> > > On 5/17/07, saudi sans <saudisans-Re5JQEeQqe8AvxtiuMwx3w@xxxxxxxxxxxxxxxx> 
> wrote:
> > > > Hi,
> > > >
> > > > We have got 10 Cisco Aironet Access Points . However we donot have a
> > > > AAA solution like Cisco ACS.
> > > >
> > > > But we would like to authenticate wireless LAN users via Active
> > > > directory database before they can connect. Is it possible without a
> > > > AAA solution?  Are there any drastic implications if we do this .
> > > >
> > > > Cisco ACS is expensive ...hence we donot want to buy unless it is 
> mandatory!
> > > >
> > >
> >