We want to use CDA for transparent user authentication. Now, all users have domain credentials and even MAC users need to login with AD credentials to MAC machines.
Will CDA be able to see MAC user login to MAC PC (all MAC PSs are part of windows domain (they exchange Kerberos communication)) so I am hoping that Windows Domain controller will generate similar message to normal, windows login, so CDA will be able to pick that information up and forward it to to WSA.
As long as the users are authenticating to the AD controller the mappings should be seen by the CDA when it fetches the user to IP mappings from the AD server. I am assuming you are using a 3rd party vendor to authenticate to a Microsoft AD server ?
Erik Kaiser WSA CSE WSA Cisco Forums Moderator
WSA Cisco Forums Moderator
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...