Cisco Cisco NAC Appliance 4.1.0
Cisco NAC Appliance - Clean Access Manager Installation and Administration Guide
OL-12214-01
Chapter 8 Configuring Active Directory Single Sign-On (AD SSO)
Enabling a Login Script (Optional)
Figure 8-20
Agent Login—General Setup
2.
From the User Role dropdown, choose the role to which to apply the GPO update.
3.
From the Operating System dropdown, choose the OS to which to apply the GPO update (must be
Windows 2000 or later)
Windows 2000 or later)
4.
Click the checkbox for Refresh Windows domain group policy after login (for Windows)
5.
Click Update.
Enabling a Login Script (Optional)
GPO update objects, such as login scripts, require an event to trigger them, such as login, or they fail.
Running a script in a Windows environment prior to NAC login fails because users do not have access
to drive mappings to the Domain Controller (DC) or drive resources.
Running a script in a Windows environment prior to NAC login fails because users do not have access
to drive mappings to the Domain Controller (DC) or drive resources.
Network-based login scripts and local login scripts are handled differently:
•
Local login scripts run on locally on a client machine. If you introduce an artificial delay with a
script, they work correctly.
script, they work correctly.
•
Network-based scripts require continuous access to a DC for initialization. Depending on your
network deployment, you can use a combination of steps to use them. Network-based scripts
typically reside on the DC in the %Sysvol%\scripts folder.
network deployment, you can use a combination of steps to use them. Network-based scripts
typically reside on the DC in the %Sysvol%\scripts folder.
lists the options for handling network-based scripts.