Home > Wireless LAN > Splash Page > Scoping Active Directory per SSID

Scoping Active Directory per SSID

Table of contents
No headers

By default, when using Active Directory for Splash Page authentication, all users in AD can be granted access. However, by using OUs and a custom AD admin account, it is possible to limit which users can get through authentication. This document will show you how to limit the scope of users that can be authenticated to an SSID using a Splash Page with Active Directory Integration.

Note: This is an advanced configuration that requires day-to-day knowledge of Active Directory to be done correctly. Please refer to Microsoft documentation and support for assistance.

 

First, you will need to create users for each group of users. In this case, we have Students and Staff. We will use this example to limit Staff Users from accessing the Student SSID.

ec252919-8d9f-426c-be60-acf986766c7d

Right click and select Properties of the Staff OU

3d5c18fb-9244-42ba-a0ce-068d6a26345b

Deny the StudentLDAPUser's READ rights for the Staff OU

4ea4cdcb-9aef-4a7d-8e8e-a6f8d33556ee

Now, you will use this StudentLDAPUser to Bind to AD under 'Configure >> Access Control' for your Student SSID:

0991f50c-9cfa-4611-899c-77958b9a4fbe

Since this user does not have the ability to read the Staff OU, Staff Users will not be able to use this SSID. You will need to apply this Deny to all User OU's that should not be allowed to access this SSID. 

You will repeat the same steps to Deny Students from accessing the Staff SSID. You'll need to Deny Read permissions for StaffLDAPUser for all OU's that should not have access to the Staff SSID.

You must to post a comment.
Last modified

Tags

Classifications

This page has no classifications.

Explore the Product

Click to Learn More

Article ID

ID: 1606

Explore Meraki

You can find out more about Cisco Meraki on our main site, including information on products, contacting sales and finding a vendor.

Explore Meraki

Contact Support

Most questions can be answered by reviewing our documentation, but if you need more help, Cisco Meraki Support is ready to work with you.

Open a Case

Ask the Community

In the Meraki Community, you can keep track of the latest announcements, find answers provided by fellow Meraki users and ask questions of your own.

Visit the Community