https://community.cisco.com/t5/wireless/eap-tls-sso/m-p/665246#M50495 <P>Hi,</P><P>I would need some informations about Single Sign On. My implementations is:</P><P>- WLC4400 ( 2 devices )</P><P>- EAP-TLS as authentication type</P><P>- IAS over win2003 as radius</P><P></P><P>I just need to know how to implement SSO. I know it's "Microsoft" dependent as the controller forwrd all radius request to IAS, but:</P><P>If I want to configure the autoenrollment for the certificates, the wifi user must logon the domain the first time in WIRED, to let the autoenrollment process to download the certificate ? Or the certificate is "autoenrolled" via wifi also for the first time a user try the logon by EAP permitted traffic ?</P><P></P><P>many thanks and regards</P><P></P><P>luigi</P> Sat, 03 Jul 2021 20:30:57 GMT LUIGI PIETRONAVE 2021-07-03T20:30:57Z https://community.cisco.com/t5/wireless/eap-tls-sso/m-p/665246#M50495 <P>Hi,</P><P>I would need some informations about Single Sign On. My implementations is:</P><P>- WLC4400 ( 2 devices )</P><P>- EAP-TLS as authentication type</P><P>- IAS over win2003 as radius</P><P></P><P>I just need to know how to implement SSO. I know it's "Microsoft" dependent as the controller forwrd all radius request to IAS, but:</P><P>If I want to configure the autoenrollment for the certificates, the wifi user must logon the domain the first time in WIRED, to let the autoenrollment process to download the certificate ? Or the certificate is "autoenrolled" via wifi also for the first time a user try the logon by EAP permitted traffic ?</P><P></P><P>many thanks and regards</P><P></P><P>luigi</P> Sat, 03 Jul 2021 20:30:57 GMT https://community.cisco.com/t5/wireless/eap-tls-sso/m-p/665246#M50495 LUIGI PIETRONAVE 2021-07-03T20:30:57Z https://community.cisco.com/t5/wireless/eap-tls-sso/m-p/665247#M50496 <HTML><HEAD></HEAD><BODY><P>Luigi,</P><P>we are running the WiSM (which is similar to a WLC) and I am looking for some information on setting up EAP/TLS. Can you send me some information pls?</P><P>--Joerg</P></BODY></HTML> Fri, 26 Jan 2007 16:25:47 GMT https://community.cisco.com/t5/wireless/eap-tls-sso/m-p/665247#M50496 with_joerg 2007-01-26T16:25:47Z https://community.cisco.com/t5/wireless/eap-tls-sso/m-p/665248#M50497 <HTML><HEAD></HEAD><BODY><P>Hi Joerg,</P><P>which informations do You require ?</P><P>Here an useful link from CCO;</P><P><A class="jive-link-custom" href="http://www.cisco.com/en/US/products/ps6366/products_configuration_example09186a00807917a6.shtml" target="_blank">http://www.cisco.com/en/US/products/ps6366/products_configuration_example09186a00807917a6.shtml</A></P><P>in this link the authentication server is a Cisco ACS; if You want to use a Microsoft Radius ( IAS ) You need to know:</P><P>- for certificate autoenrollment the IAS must be a win2003 enterprise</P><P>- for to be a CA, the win2003 ( or win2000 ) must be a primary domain controller </P><P></P><P>Regards</P><P></P><P>Luigi</P></BODY></HTML> Mon, 29 Jan 2007 13:37:13 GMT https://community.cisco.com/t5/wireless/eap-tls-sso/m-p/665248#M50497 LUIGI PIETRONAVE 2007-01-29T13:37:13Z