Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Clean Access V4 Single Sign On

Has anybody upgraded to Cisco Clean Access version 4.0 and managed to implement AD SSO.

I have configured as per the documentation. However when I try to enable Agent based Windows SSO with AD Kerberos, I receive an error could not start the sso service.

The KTPass command ran successfully on the AD Server.

An Authentication Server Type of AD SSO has been configured on the CAM.

Regards

Ian.

3 REPLIES
Community Member

Re: Clean Access V4 Single Sign On

Hi Ian,

Make sure that the time on the CCA Server and the domain controller where you ran ktpass are within 20 seconds on time.

If they skew much more than that kerberos doesn't like it.

Community Member

Re: Clean Access V4 Single Sign On

I have run into a problem getting the SSO service to start. In researching the problem I found this link which looks very suspicious as to the nature of the problem. I am actively working with Cisco to narrow down the problem.

http://forum.java.sun.com/thread.jspa?threadID=741727&messageID=4253013

Re: Clean Access V4 Single Sign On

In my experience of AD SSO joshgrant was spot on: if the CAM and DC get out of sync the SSO fails. Best to try to sync them off same time source.

102
Views
5
Helpful
3
Replies
CreatePlease to create content