I've searched and found a few ideas on this subject and still no luck after trying them all. I have my vpn users authenticated through active directory and am simply trying to accomplish single sign-on through the RDP plug-in to a Server 2003 box. Users are authenticated to WebVPN page fine. I also have a link to our OWA and have single sign-on working for that. The RDP plug-in works, and by default passes the username through, but I can't seem to find a straight answer as to getting the password through. Is the csco_sso=1 all that is needed added to the bookmark (along with auto sign-on entry under webvpn) or does there need to be POST parameters? Nothing I've tried works and if I include any POST parameters I get a "Can not find server .plugins. or DNS error" message. I've tried without POST parameters and just the csco_sso=1 and at least I get the log on screen but no auto sign-on. I've tried using the host name and IP in both bookmark and webvpn auto sign-on entries and no luck. Extremely frustrating but probably pilot error. Any help is greatly appreciated. Thanks in advance.
All you should require is the csco_sso=1 switch on the bookmark in order to provide SSO capabilities for the RDP plug-in. In my lab setup, I have the RDP plugin installed on an ASA5520 running 8.0.5. The plug-in version is dated September 15, 2009. I am using a simple bookmark such as the following:
After entering my LDAP credentials and authenticating to the portal, I click on the bookmark and it executes the Java applet in a secondary window. If I don't include my user account in the AD group associated with RDP access on my server, I get an authentication error and the window closes. If I do include my user account, the RDP session logs in without issue and I am not prompted for secondary credentials. Please confirm your configuration as well as the post the version of ASA code and java plug-in that you are using.
Please see the attached screenshot for an OWA 2007 example. Depending on your implementation, you may need to use a tool such as HTTP Watch in order to view the POST data. This will enable you to see what parameters your OWA server is expecting in the POST. You will then use this info to configure the bookmark accordingly.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :