NAC AD Single Sign On issue

Unanswered Question
Oct 28th, 2008
User Badges:

Hello,


I've been having issues with NAC AD SSO. The AD SSO service is started on both my CAS's in the CAS pair, and I do see that the Clean Access Agent attempts to perform AD SSO. But it fails and defaults to prompting for a local username and password. After which, I see the following event recorded in the CAS's logs:


Oct 17, 2008 1:46:45 PM com.perfigo.wlan.jmx.admin.GSSServer$LoginPrivilegedAction run SEVERE: Error opening server socket. Socket closed


Does anyone know what this means?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Daniel Laden Sat, 11/08/2008 - 10:32
User Badges:
  • Cisco Employee,

If the AD SSO service started on the CAS but the users are failing AD SSO, I would start with confirming the user is logging into the domain and not using cached credentials. AD SSO using the users kerberos ticket to authenticate



Load the MS kerbtray utility and confirm a valid kerberos ticket is present (icon will be green).

Actions

This Discussion