Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

NAC 4.7.2 OOB ADSSO win7

Hi,

I updated CAM and CAS servers to ver 4.7.2, in OOB mode on windows 7 don't work autorization whith ADSSO.

ktpass make by win 2008 r2

ver nacagent 4.7.2

3 REPLIES
New Member

Re: NAC 4.7.2 OOB ADSSO win7

If you configured KTPASS to use DES-only encryption, you will need to re-run it, as Windows 7 does not support DES encryption.  Here's the instructions for that: http://www.cisco.com/en/US/docs/security/nac/appliance/configuration_guide/47/cas/s_adsso.html#wp1257882

Also, if your domain is operating at a 2003 functionality level, you may run into problems (CSCtg46056).

New Member

Re: NAC 4.7.2 OOB ADSSO win7

KTPASS configured to use - crypto all

AD mixed: 1) win 2008 r2

                2) win 2003

in attach netastat cas (client ip 10.52.30.55)

user roles - traffic control - unauth role - allow all traffic.

New Member

Re: NAC 4.7.2 OOB ADSSO win7

So on the CAS, does the AD SSO process show as running?  Is it just the Windows 7 users that are failing, and other users are passing fine?  If so, it sounds like you are probably running into that bug if you're at 2003 functionality and are going against the 2008 server.  There is a workaround included in the release notes, or you could run against AD SSO against a single 2003 server instead.

271
Views
0
Helpful
3
Replies
CreatePlease login to create content