Solved: Re: IOS Only Windows AD Authentication

pcantore · ‎03-29-2004

Does anyone know if it is possible to implement a IOS only solution for RAS login using only a users Windows AD username and password - I know normally this would be done using RADIUS/TACACS+ (no customer $$$), but I am trying to avoid users have to use a local router configured name/pass and then a 2nd Windows AD login to access resources.

I would ideally like to have the have the authentication pass directly to a Windows AD server! I understand from some colleagues that this type of functionality is available in some of Cisco's VPN products - has it made it into IOS?

Any suggestions folks?

p.dimitrije · ‎03-31-2004

Since you do not want to use ACS and AD as its secondary database, you could try MS IAS, or simply configure kerberos authentication.

Since kerberos IOS images are bigger, it might be a better idea to use IAS.

View solution in original post

p.dimitrije · ‎03-31-2004

Since you do not want to use ACS and AD as its secondary database, you could try MS IAS, or simply configure kerberos authentication.

Since kerberos IOS images are bigger, it might be a better idea to use IAS.

pcantore · ‎03-31-2004

Thanks, my subsequent research since posting the query took me down the IAS route too! This would be the way to go in this scenario - many thanks for th sanity check.... pdc