first of all I would like to thank for such a fantastic and FREE system.
I would like to use ZS for my company employees and for guests. I need the infrastructure to be very simple so I can create a basic manual and send it to helpdesk people to implement it in the other offices.
What I would like to achieve:
1. put ZeroShell host with two network adapters in my LAN network and connect some WIFI AccessPoints (2-5 depending of the conference rooms) to it. Use the same SSID on AP and a basic WEP or WPA2 password that everyone will know. One network must be connected to LAN and second one to a HUB with AccessPoints.
2. start a Captive portal with two domains (type of authentication):
a) EMPLOYEE – Active Directory – allow access to all systems for the permanent personnel with no restrictions. Access to all network resources must be accessible via wireless.
b) GUESTS -local Zeroshell LDAP credentials – allow access to the guests with theirs laptops to access only Internet resources like WWW, MAIL.
So in general access authentication is requested from the Captive Portal to which access is granted through a ActiveDirectory username and pass or a temporary username and password given to the guests.
I alteady have ZS installed, Captive Portal started, AccessPoint is connected and it works with local LDAP autentication.
I will add a second domain with ActiveDirectory autentication but I need some help how to setup access rules mentioned above in a) and b).
Can You help me with this ?