Add an Active Directory Server

First, configure an AAA server profile. See Configure an AAA Server Profile.

This task is part of the network policy configuration workflow. Use this task to add an Active Directory (AD) database to an Extreme Networks device acting as a RADIUS Server.

  1. For Step 3, on the Configure RADIUS Servers page, select an existing AD server from the Select menu, or select Add.
  2. Type a Name for the AD server.
  3. Type the name of the Domain, to which the RADIUS authentication server and the AD server both belong.

    (Range: 1–64 characters). Include parent domains, such as .com, .net, and .org.

  4. Select Auto or Manual.
    Setting Description
    Auto ExtremeCloud‌ IQ automatically populates the Active Directory Server and the base distinguished name (BaseDN) parameters.

    Go to Step 9.
    Manual Go to Step 5.
  5. From the drop-down list, choose a previously-defined IP object or host name for the Active Directory Server that contains the user accounts the RADIUS authentication server will authenticate.
    If you do not see the one that you need listed, select New and enter an IP object or host name.
  6. Type the BaseDN—The starting point for directory server searches, and the point in the directory tree structure where the server stores user accounts.
  7. Type a Short Domain Name.
  8. Type the Realm name that corresponds to the user account location, which is often the same as the domain name.
  9. Set the organizational unit (OU) where the Extreme Networks RADIUS server has privileges to add itself as a computer in the domain or leave it blank.
    Note

    Note

    By default, the RADIUS server attempts to add itself into Computers unless you specify a computer-ou here. If you do not want to give a device access to the Computers container, you can create your own OU and give the device user permissions to create computers (that is, to add itself) to the specified OU. For example, the computer OU might be wireless/APs.
  10. Select Enable TLS Encryption to encrypt the user look-up requests that the Extreme Networks RADIUS server sends to the Active Directory server.
  11. Select NEXT.
  12. Select an existing DNS Server, or select Add to create a new one.
  13. Select NEXT.

Continue configuring the RADIUS server.

9038923-00 Rev AB