We would like to configure Ruckus (Zonedirector 1100) in such a way that users only need to input their AD details once or even better none at all if they are somehow passed through.
Ideally the Director would check user credentials against AD every time they connect to the wireless so if a users access has been removed they cannot access anything even though they may have the passphrase for the WLAN.
We would like to be able to have the SSID and Passphrase as public knowledge but access essentially controlled via Active Directory.
You can define a WLAN with a WPA2-PSK that is shared, with additional Web
Authentication thru an AD authentication server. Define the AD server first, under
Configure AAA Servers. Then from Configure WLANs, create new, with Standard
type, WPA2/AES encryption/algorithm options, check the box for Web Authentication
and choose your AD server from the drop-down list. I hope this is helpful.
We have tried this approach before with a web portal but users need to re-authenticate everytime they close their web browser, is there a way to pass through the windows sessions credentials? Or store a cookie of some sort?