Add an Active Directory Server

Configure an Extreme Networks device as a RADIUS Server.

Use this task to add an Active Directory to an Extreme Networks device acting as a RADIUS Server.

  1. Enter a name.
  2. Enter the Windows domain name that the RADIUS authentication server and Active Directory server both belong to, including parent domains, such as .com, .net, and .org
  3. Select Auto to enable the Active Directory and ExtremeCloud IQ to automatically supply the Active Directory Server and the base distinguished name parameters.
  4. From the drop-down list, choose a previously-defined IP object or host name for the Active Directory Server that contains the user accounts the RADIUS authentication server will authenticate.
    If you do not see the one that you need listed, select New and enter an IP object or host name.
  5. Enter the base distinguished name, or the starting point for directory server searches, and the point in the directory tree structure where the server stores user accounts.
  6. If you selected Manual, enter a Short Domain Name.
  7. If you selected Manual, enter the Realm name that corresponds to the user account location, which is often the same as the domain name.
  8. Set the organizational unit (OU) where the Extreme Networks RADIUS server has privileges to add itself as a computer in the domain or leave it blank.
    Note

    Note

    By default, the RADIUS server attempts to add itself into Computers unless you specify a computer-ou here. Because you might not want to give a device access to the Computers container, you can create your own OU and give the device user permissions to create computers (that is, to add itself) to the specified OU. For example, the computer OU might be wireless/APs.
  9. Select Enable TLS Encryption to encrypt the user look-up requests that the Extreme Networks RADIUS server sends to the Active Directory server.
  10. Select NEXT.
  11. Select a DNS Server or select plus to create a new one.
  12. Select NEXT.

Continue configuring the server.