Authenticating wireless access points \ RADIUS through Azure AD
I would like to see Authenticating wireless access points \ RADIUS servers through Azure AD , not having to store user accounts in local active directory
Christophe D. commented
We are investigating in Aruba ClearPass integration with Intune and Azure AD :
Aruba ClearPass Extensions: Microsoft Intune Integration
Dooooooo it gawd damned!!!!
Tom Plant commented
Please... Having to use AADDS and hosted NPS is far from ideal.
DENILSON TOBAL - MANZANOS commented
Hi Microsoft Azure Team! 04 years to attend this suggestion?! Reading and researching, I can only understand that Microsoft does not want to attend this! They will lost sells of Windows Servers. But... they will lost clients migrating to another plattform anyway! So... please, consider our request! Our clients does not accept to buy local servers anymore. They want to move to the cloud, and not to be HYBRID!
Jason Tenpenny commented
This would be huge for us. We have abandoned our on-prem AD and servers altogether and only use Azure AD. Right now we have no way to utilize RADIUS against AAD without reintroducing servers to the network. Would love to be able to use RADIUS directly with AAD.
I wondering why the Azure AD Team is not giving the necessary attention to this feature request. No response or comment, even It’s one of the most requested features.
Do we have any other options when we want to autenticate against Azure AD?
Now we have that normal PSK authetication method to get school devices to network. Now we are planning to get Aruba Clearpass to do NAC. In wireless network we use Ruckus virtual controller. How we can use Azure ad and groups in there ? Is it possible to make and use user groups from azure?
Yes we have an IPSec tunnel directly to Azure from our on-prem environment. So we point the Access Points to the internal address of the NPS server located in Azure.
If you have any other questions just ask! One issue I noticed so far is that it does not authenticate users on the "AzureAD\" domain.
[Deleted User] commented
And you have VPN connection to Azure? You send radius request over vpn to nps that is located in Azure
Just a quick update, I have this working now with AADDS and an NPS server as an Azure VM.
The solution is NOT to try and register the NPS server in the directory (which is impossible with AADDS at the moment). But instead just to join the NPS server to AADDS and start using the NPS server. I tested with RADIUS authentication and it is working. I fear that one day microsoft will close this loophole but for now this will work.
@Antonio Soares, I tried this method but it won't allow me to register the NPS services into AADDS. It won't allow me to use Enterprise admin group or RAS and IAS Servers group. Tried the command line 'netsh ras add registeredserver' as well. Access Denied. :(
Can you share with us how you registered the NPS service into AAD/AADDS?
António Soares commented
I would like to post again the solution I'm currently using.
Check the link below, that refers to a previous post in this thread:
YES.. Guys. lets DO it!
Steven Cuthill commented
Yup, agreed this is missing in Azure AD and others like JumpCloud offer RADIUS as a Service along with LDAP as a Service.
we want RADIUS support with AAD without having to have on prem support or deploy AADDS
Gerald Egan commented
Please make this feature a priority.