Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Regarding CTA 2.0 talking to a NAC framework having ACS 4.0 and Active Dire


Consider a case of CTA 2.0 with 802.1x supplicant talking to a 802.1x L2 NAC enabled switch and having ACS 4.0 (for authentication) which is in turn talking to a Microsoft Active Directory.

I installed the CTA 2.0 client and I could see the option of "Single Sign-on for password credentials" in the CTA 2.0 client.

I have the following 2 queries on this:

1] Do I need to add every machine with CTA 2.0 802.1x client as part of the Microsoft Active Directory Domain ?

2] I would like to know if the Microsoft GINA would be prompted for a Username and Password after successful to the user or the GINA prompt would not appear as it would take the SSO credentials ?

3] Assuming the ACS and/or AD is down, and in that case (assuming local username cache is disabled)would the cumputer allow me to log on to the Local machine for Local Authentication ?


Prakash S

New Member

Re: Regarding CTA 2.0 talking to a NAC framework having ACS 4.0

hi Parkash

As par my knowledge for the machine authentication the machine shud be the part of domain becoz acs check the certificate issued by domain if i am thnkin in rt direction as per ur first question

2 nd no knowledge

3 cya speaks to the acs server for NAC and 802.1x machine and user authentication in that case if it is not supporting can do some work on the scripting interface

Even i have some query regarding the NAC with acs can YU help me out