Manualshelf

Specifications

ManualsBrandsHP ManualsComputer equipment3350 - Cisco NAC Appliance
251252253254255256257258259260
7-22
Cisco NAC Appliance - Clean Access Manager Configuration Guide
OL-28003-01
Chapter 7 User Management: Configuring Authentication Servers
Adding an Authentication Provider
d. Search(Admin) Password—The password for the LDAP user.
e. Search Base Context—The root of the LDAP tree to perform the search for users (e.g. dc=cisco,
dc=com).
Step 4 Click Add.
Step 5 The bottom pane displays the details of the servers you have added.
Step 6 You can click the Edit icon to modify the details and the Delete icon to remove a server.
Note If a domain has child domains, you must add the server details for each child domain separately.
Active Directory Single Sign-On (SS0)
See the “Configuring Active Directory Single Sign-On (AD SSO)” chapter in the Cisco NAC Appliance
- Clean Access Server Configuration Guide, Release 4.9(x) for complete details.
Windows NetBIOS SSO
Note The Windows NetBIOS SSO authentication feature is deprecated. Cisco recommends the “Configuring
Active Directory Single Sign-On (AD SSO)” chapter in the Cisco NAC Appliance - Clean Access Server
Configuration Guide, Release 4.9(x) instead.
In Windows NetBIOS SSO authentication (formerly known as “Transparent Windows”), the CAS sniffs
relevant Windows login packets from the end-user machine to the domain controller to determine
whether or not the user is logged in successfully. If Windows NetBIOS SSO authentication is enabled
and the CAS successfully detects login traffic, the user is logged into the Cisco NAC Appliance system
without having to explicitly login through the web login page or Agent.
With Windows NetBIOS SSO, only authentication can be done—posture assessment, quarantining,
remediation, do not apply. However, the user only needs to perform Ctrl-Alt-Dlt to login.
Note For Windows NetBIOS SSO login, it is not required for the CAM to be on the same subnet as the domain
controller. The list of Windows NetBIOS SSO DC is published from the CAM.
Implementing Windows NetBIOS SSO
Implementing Windows NetBIOS SSO login involves the following steps:
1. Add a Windows NetBIOS SSO auth server through User Management > Auth Servers > New
Server (see Add Windows NetBIOS SSO Auth Server, page 7-23).
2. From Device Management > CCA Servers > Manage [CAS_IP] > Authentication > Windows
Auth > NetBIOS SSO:
a. Click the option for Enable Transparent Windows Single Sign-On with NetBIOS on the
specific CAS and click Update.