https://community.cisco.com/t5/network-access-control/windows-single-sign-on-with-802-1x-wireless-ise/m-p/3180528#M556175 <P>This would not be a problem for domain credential based authentication (PEAP, etc.), you would not need any specific configuration for the first time logins. Just configure ISE authentication and authorization policies, there are many tutorials on how to do that.</P><P>In case of certificate based authentication (EAP-TLS) you wold need to provision certificates beforehand.</P><P>This is just a quick&nbsp;answer, there are many potential scenarios, depending on how your environment is set up, what supplicant you are using, etc.</P> Wed, 06 Sep 2017 10:22:03 GMT agrissimanis 2017-09-06T10:22:03Z https://community.cisco.com/t5/network-access-control/windows-single-sign-on-with-802-1x-wireless-ise/m-p/3180334#M556168 <P>Hi,</P><P>How it is possible&nbsp;<SPAN>&nbsp;first time logon users able to login with their domain credentials ( wireless dot1x)</SPAN></P><P><SPAN>What must be done in the ISE&nbsp;</SPAN></P><P><SPAN>Thanks&nbsp;</SPAN></P> Fri, 21 Feb 2020 18:33:33 GMT https://community.cisco.com/t5/network-access-control/windows-single-sign-on-with-802-1x-wireless-ise/m-p/3180334#M556168 malel2015 2020-02-21T18:33:33Z https://community.cisco.com/t5/network-access-control/windows-single-sign-on-with-802-1x-wireless-ise/m-p/3180528#M556175 <P>This would not be a problem for domain credential based authentication (PEAP, etc.), you would not need any specific configuration for the first time logins. Just configure ISE authentication and authorization policies, there are many tutorials on how to do that.</P><P>In case of certificate based authentication (EAP-TLS) you wold need to provision certificates beforehand.</P><P>This is just a quick&nbsp;answer, there are many potential scenarios, depending on how your environment is set up, what supplicant you are using, etc.</P> Wed, 06 Sep 2017 10:22:03 GMT https://community.cisco.com/t5/network-access-control/windows-single-sign-on-with-802-1x-wireless-ise/m-p/3180528#M556175 agrissimanis 2017-09-06T10:22:03Z https://community.cisco.com/t5/network-access-control/windows-single-sign-on-with-802-1x-wireless-ise/m-p/3182085#M556182 Hi Male<BR />As agrissimanis mentioned, it is pretty easy but need ISE and Supplicant configuration as summary of what you need:<BR />-AD Integration with Cisco ISE as External Identity Source.<BR />-User / Machine Authentication or both.<BR />-The Authentication Protocol of Choice (PEAP, EAP-FAST, EAP-TLS) Each have its own considerations.<BR />-The use of EAP-Chaining (Applicable only if you choose EAP-FAST)<BR />-Supplicant type (Some considerations are here)<BR />-Supplicant Operating Systems.<BR />-Infrastructure support (PKI for TLS tunnel negotiation, SCCM for Supplicant rollout, AD GPO for Certificate enrolment for Endpoints, etc..) Sat, 09 Sep 2017 18:53:55 GMT https://community.cisco.com/t5/network-access-control/windows-single-sign-on-with-802-1x-wireless-ise/m-p/3182085#M556182 Mohamed Abd Elnaser Mohamed Mohamed Ali 2017-09-09T18:53:55Z https://community.cisco.com/t5/network-access-control/windows-single-sign-on-with-802-1x-wireless-ise/m-p/3182257#M556192 <P>Hi,</P><P>Thanks for all . But still How my authentication authorization profile look like for the above purpose&nbsp;</P><P>any examples ?</P><P>Thanks</P> Mon, 11 Sep 2017 03:33:18 GMT https://community.cisco.com/t5/network-access-control/windows-single-sign-on-with-802-1x-wireless-ise/m-p/3182257#M556192 malel2015 2017-09-11T03:33:18Z