Cisco Cisco NAC Appliance 4.1.0
10-8
Cisco NAC Appliance - Clean Access Server Installation and Administration Guide
OL-12213-01
Chapter 10 Local Authentication Settings
Enable Active Directory SSO Login
Enable Active Directory SSO Login
See the Cisco NAC Appliance - Clean Access Manager Installation and Administration Guide for
complete information on configuring Active Directory Single Sign-On (SSO).
complete information on configuring Active Directory Single Sign-On (SSO).
Enable Windows NetBIOS SSO Login
With Windows NetBIOS SSO login (formerly known as “Transparent Windows” login), users who are
authenticated in their Windows domain can be automatically logged into the trusted network.
authenticated in their Windows domain can be automatically logged into the trusted network.
Note
The feature has been deprecated. It is recommended to configure Active Directory SSO instead. Refer
to the Cisco NAC Appliance - Clean Access Manager Installation and Administration Guide for details.
to the Cisco NAC Appliance - Clean Access Manager Installation and Administration Guide for details.
Implementing Windows NetBIOS SSO login involves several steps:
1.
Add a Windows NetBIOS SSO authentication provider to the list of authentication servers in the
CAM.
CAM.
(See Chapter 6, “User Management: Auth Servers” in the Cisco NAC Appliance - Clean Access
Manager Installation and Administration Guide.)
Manager Installation and Administration Guide.)
2.
Modify the policy of the Unauthenticated role to allow users access to the domain controller.
(See Chapter 8, “User Management: Traffic Control, Bandwidth, Schedule” in the Cisco NAC
Appliance - Clean Access Manager Installation and Administration Guide.)
Appliance - Clean Access Manager Installation and Administration Guide.)
3.
Enable Windows NetBIOS SSO Login and specify the Windows domain controller in the CAS
management pages (see steps below).
management pages (see steps below).
Note
With Windows NetBIOS SSO, only authentication can be done— posture assessment, quarantining,
remediation, do not apply. However, the user only needs to perform Ctrl-Alt-Dlt to login.
remediation, do not apply. However, the user only needs to perform Ctrl-Alt-Dlt to login.
To configure the Windows domain controller:
1.
Go to Device Management > CCA Servers > Manage [CAS_IP] > Authentication > Windows
Auth > NetBIOS SSO the CAS for which you want to enable transparent Windows login.
Auth > NetBIOS SSO the CAS for which you want to enable transparent Windows login.