Thor,
To build on what Dale wrote, a lot of clients don't want to fork out the extra money for a radius server when it's primary focus is going to be hooking into AD to authenticate, so I've done quite a few IAS installs. Whether you use IAS or not, MS created a walkthrough with VBS scripts to get your computers, groups, certificate server, IAS and their associated policies prepped. The first time you walk through it, the guide will be a long read, but you can easily go to the highlighted sections and cut and paste your way through it. With a majority of SMB customers having switched to SP3, the install and integration is quite painless. The main issue that I run into is finding either a 2008 server or someone running Vista in order to create WPA2/AES policies through group policy.
Once everything is done, new laptops should only require a brief connection to the LAN to update group policy settings and you're done.
Here's the document I was referring to:
-ryan
If you can't find a reference that matches your exact scenario, break
it into the logical chunks:
1. WAPs and WLC with ACS (or any RADIUS server)
2. ACS (or any RADIUS server, including Microsoft's own "IAS") with
Active Directory
Use google (rather than the site's own search engine) to search
cisco.com to find relevant articles (outside of the production
documentation sets, which are probably the first place you should
look):
e.g. http://www.cisco.com/en/US/products/ps6366/products_configuration_example09186a00808c9bd1.shtml
Check the Design Zone site (www.cisco.com/go/cvd) -- loads of good
info buried in there.
Good luck.
cheers,
Dale
Blogs and organic groups at http://www.ccie.net
Received on Sat May 09 2009 - 06:45:44 ART
This archive was generated by hypermail 2.2.0 : Mon Jun 01 2009 - 07:04:42 ART