I am implementing a Cisco NAC solution. I would like to perform Active Directory SSO so that users could log in once into the network. I will also set up an LDAP Lookup server on the NAC because I want to configure mapping rules so that users are placed into user roles based on AD attributes after AD SSO authentication.
After this is done my issue is:
1- How do I configure that LDAP Lookup server itself (I am not talking about the config on the NAC side, that is not a problem)? A step-by-step instruction will be appreciated.
2- Should the config be done on a separate server or on the same Active Directory server?
3- Could this single sign-on work for wireless and VPN clients?