How can we improve Azure Active Directory?

Authenticating wireless access points \ RADIUS through Azure AD

I would like to see Authenticating wireless access points \ RADIUS servers through Azure AD , not having to store user accounts in local active directory

628 votes
Sign in
(thinking…)
Sign in with: Microsoft
Signed in as (Sign out)

We’ll send you updates on this idea

Aman Sahota shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

64 comments

Sign in
(thinking…)
Sign in with: Microsoft
Signed in as (Sign out)
Submitting...
  • Anonymous commented  ·   ·  Flag as inappropriate

    I absolutely agree with almost everything that has been said in this thread. Having RADIUS and LDAP for authentication and directory services would be huge for usability and cloud only environment. There are many RADIUS aas, Directory aas, etc out there, add the functionality and bundle, make a profit. Most of us would be happy to pay more for something that is hosted and mostly managed by microsoft when all of us are already using AAD for identity.

  • Stéphane commented  ·   ·  Flag as inappropriate

    Azure AD centralize authentification but still not take in charge RADIUS, it's a bit non sense.
    Even if functionalities aren't as detailed as a classic AD, we need at least to keep a way to authenticate users on equipements.

  • Mihails Rubinovs commented  ·   ·  Flag as inappropriate

    Microsoft is truly ignoring scenarios when you have only Azure AD as part of your Office 365 subscription. Why would you even call it AD? no LDAP, no policies, no OU.... I need AADDS to get all features.

  • Antonio Soares commented  ·   ·  Flag as inappropriate

    "Yes I can". This involves some screenshots. What could be the best way to share. It would be great to have feedback and improvements.
    I got a breakthrough and I'm now using NPS

  • Antonio Soares commented  ·   ·  Flag as inappropriate

    I agree with everyone and just got this up and running using MFA. Not the best solution but I managed to put MFA as a proxy to AADDS.
    Now Microsoft has to tweak NPS and make it stand alone.

  • Peter Selch Dahl commented  ·   ·  Flag as inappropriate

    Microsoft Denmark already have a solution online that uses Azure AD for authentication for guest. This solution is provided by Microsoft IT so it should be available globally. You can see some screenshot of the solution here: http://imgur.com/a/B17Ej

    It would be great, if they would share this solution with the world :)

    /Peter Dahl - Azure MVP

  • Elwin Boes commented  ·   ·  Flag as inappropriate

    Yes definitely would like / need this. Now i still need to have a local AD with MFA and AD connect only for wifi accesspoints and vpn.

  • Antonio Soares commented  ·   ·  Flag as inappropriate

    A simple Auth Proxy for legacy protocols would be tremendous.
    Not only for AP's but, firewall L8 identification, switching admin access, etc. Mainly for devices that rely on local auth to operate.
    Please develop a reverse proxy/MFA on-prem agente like software that can act as NPS against Azure AD.

  • James Schwarzmeier commented  ·   ·  Flag as inappropriate

    I'm not sure how this would interact when users have MFA enforced on their Azure AD accounts, but we would want to see that included as part of this support.

  • Fredrik Carenborn commented  ·   ·  Flag as inappropriate

    Would be great to use local radius with Azure AD. With simple LDAP query to begin with. Also other third party systems often use LDAP.

  • Rafael Reyes commented  ·   ·  Flag as inappropriate

    Because this is not included in Azure AD I will either have to invest in hardware to have local AD, Radius server or spend money on a third party service. Money I would gladly spend on a Azure AD, Office 365 license that would enable this functionality in my existing infrastructure.

  • Anonymous commented  ·   ·  Flag as inappropriate

    This would be an awesome feature! pleas implement it! :-D
    Please also consider not only to implement the authentication, but dynamic vlan assignment as well :-)

  • Tom A commented  ·   ·  Flag as inappropriate

    I'd love to see this too. In some of our sites we are only maintaining an Active Directory infrastructure in order to provide radius. It would be great to be able to pull down this setup and have it all online!

Feedback and Knowledge Base