I configured Cisco ASA 5540 with Active Directory integrated IAS. Authentication for all tcp traffic is enabled in ASA by following command
aaa authentication include tcp/0 inside 0.0.0.0 0.0.0.0 RADIUS-GROUP
I also configured dACL in IAS with AV-Pairs.
Whenever a user tries to connect to internet, a "HTTP Authentication" window pops up and asks for username password. I enter the username&password which is alreaddy logged in to domain, then everything works perfect. dACLs works too.
But the issue is that username&password pop-up. It supposed to pop-up when a client which is not joined to domain, or logged on locally not to domain. But it pops when the user is already logged with domain credidentals. I dont want to type it again when trying to browse for the first time.
Thanks for any comments