I am confused with the syntax of ktpass utility on windows 2008.
I have gone through this microsoft document but could not sort it out.
If someone can give an example or steps for ktpass utility for win2008.
It's to much to paste here, but the full server manual does a good job of explaining all of the options. Here's a link to the AD SSO section on CCO (no login required):
These are the instruction for windows 2003. but i have to use the ktpass on windows 2008.
The syntax of ktpass is different in win2008.
Can you just type the syntax of ktpass for me for windows 2008
Sorry, didn't realize the syntax was different. We are running ours on 2003 and I don't have access to a 2008 server to test it with.
after the "-mapuser" switch is the username for the adsso account. although the example gives it in the following format:
"... -mapuser username..."
i've had to use the following format to get it to work:
"... -mapuser domain\username..."
This was for an error that said it couldn't find the domain or something like that.
You do not have to give that as domain\username, since you are providing that information after the -princ switch.
Check it and let me know.
Man it was holiday for 2 days. I will be trying on Monday.
However can you write the ktpass command syntax for me for Windows 2008. I think that there is a difference between the the syntax of windows 2003 and 2008.
Cisco NAC Appliance Agent/AD Server Compatibility for AD SSO
Single Domain AD SSO is supported on Windows 2008 Enterprise SP1.
Windows 2008 Enterprise SP1 started with 4.1.8 or 4.5.0.
-What version of CCA are you running
-What version of Windows are you running
-Is it a single domain.
-Are you trying to configure against a single server or a domain
-What version of KTPASS are you using.
Cisco recommends using release 5.2.3790.0 of the KTPass executable.
-What is the extact CLI command that you are entering.
-What does the CAS logs show for the failed attempt.
Check out the Chalk Talk -
Chalk Talk 8: Configuring Authentication, Roles, and SSO