Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

NAC ADSSO with windows 2008

can i run ADSSO on cisco NAC with windows AD 2008?

2 REPLIES
New Member

Re: NAC ADSSO with windows 2008

Yes. We do. Using version 4.5.

There is a catch, you will find you're going to need use a "single active directory server" instead of "domain" option.

New Member

NAC ADSSO with windows 2008

Hi,

     I am trying to run ADSSO with windows 2008, NAC version is 4.8.I followed the document but still ADSSO service is not starting. Checked the reachability and done other troubleshooting. Could not find any error.

What could be wrong?

Find the logs of AD KTPass run output below.

C:\Users\Administrator>ktpass -princ testnac/wapt.waptsolution.com@WAPTSOLUTION.COM -mapuser testnac
-pass @lt12345 -out c:\testnac.keytab -ptype KRB5_NT_PRINCIPAL +DesOnly
Targeting domain controller: wapt.waptsolution.com
Using legacy password setting method
Successfully mapped testnac/wapt.waptsolution.com to testnac.
Key created.
Output keytab to c:\testnac.keytab:
Keytab version: 0x502
keysize 73 testnac/wapt.waptsolution.com@WAPTSOLUTION.COM ptype 1 (KRB5_NT_PRINCIPAL) vno 3 etype 0x
3 (DES-CBC-MD5) keylength 8 (0x3e80d310a7f1ea7f)
Account testnac has been set for DES-only encryption.

C:\Users\Administrator>ktpass -princ casuser/wapt.waptsolution.com@WAPTSOLUTION.COM -mapuser casuser
-pass @lt12345 -out c:\casuser.keytab -ptype KRB5_NT_PRINCIPAL +DesOnly
Targeting domain controller: wapt.waptsolution.com
Using legacy password setting method
Successfully mapped casuser/wapt.waptsolution.com to casuser.
Key created.
Output keytab to c:\casuser.keytab:
Keytab version: 0x502
keysize 73 casuser/wapt.waptsolution.com@WAPTSOLUTION.COM ptype 1 (KRB5_NT_PRINCIPAL) vno 3 etype 0x
3 (DES-CBC-MD5) keylength 8 (0xbc1c5d5ea885e5e0)
Account casuser has been set for DES-only encryption.

C:\Users\Administrator>

431
Views
0
Helpful
2
Replies
CreatePlease to create content