I try to implement to NAC Appliance with AD SSO to my customer's network.
The windows sytem there is full network based this means that nothing is stored on the local computer.
There is a server, (FILESERVER1) on which user profiles, desktops and other stuffs are stored.
I have opend the necessary ports on the CAS to make the login work. These ports are correctly described in the AD SSO docu.
The authentication does not work because the Agent says that error initilaizing SSL libraries. It works if I open ports on the CAS to FILESERVER1 .
After some investigation I have got to know that the Agent use the explorer's SSL library. To initilize the SSL library they would like to reach the
user's certificates stored on FILESERVER1.
I don't want to open ports to FILESERVER1 because anybody without authentication can reach it. If I close the ports, the CCA doesn't work.
Do someone has any idea what to do?