We have a functional ZD1106, 4 AP configuration (non-Mesh), all setup and working fine. We had 2 SSIDs, one for Guests and one for Corporate. Both work fine, the Corporate one has a PSK that we give to employees.
I'd like to get Active Directory authentication working on the devices but so far it's kind of a hassle for users. I created another WLAN and enabled AD, lets call it Phil-AD.
Phil-AD is currently Open, otherwise a user would first need a PSK to connect to it. That doesn't seem very secure to me, but it's the least of my concerns right now.
Once I log into Phil-AD, I get redirected to the AD login portal page. My AD credentials work fine, and I'm in. Problem is, especially on iOS devices, when my devices go to sleep and wake up, I'm constantly being redirected to the captive portal page. Meaning it "forgets" my login information way, way too often. I can log in with my iPhone, let the device sleep and 5 minutes late, I have to re-auth to AD using the portal page, which is a hassle.
If I add a PSK to Phil-AD, the users first have to authenticate via PSK, and then they have to re-auth every time their devices go to sleep. If the users have to type in their AD credentials every hour or even every day they probably won't bother connecting to the wireless network.
Any thoughts or best practices on what I'm trying to accomplish?