01-06-2015 10:21 AM - edited 03-10-2019 10:19 PM
Dear Team,
My customer wants to use Single Sign on for wired and wireless DOT1X clients using ACS 5.6. Is there any way we could do that?
AD in integrated with ACS and cu wants to access multiple application using same windows credentials. Let me know if its doable.
Minakshi
01-06-2015 07:30 PM
Hello Minakshi. Can you give us more details around the requirements and the solution used for the single sign on?
01-06-2015 08:56 PM
Setup is as follows:
Wired Dot1x(eaptls)
--User(Windows)-----> Switch(Cisco)-----ACS(5.6)-------AD
There are multiple inhouse application for the Company. They wanted all the internal employees to access the inhouse internet and intranet multiple portals
I just want to know how this can be done or taken care. If there is anything else, you are looking for , Please let me know.
01-06-2015 09:24 PM
Well with Windows you can use both PEAP machine or user based authentication. You can configure the Windows supplicant to automatically provide the machine or user credentials to the ACS server without requiring the user to input any information.
It appears that you in your environment you are using EAP-TLS and digital certificates. If that is the case then the same as above would apply. You can configure the Windows supplicant via GPO to automatically perform machine or user (based on the type of certificate that you are issuing) based authentication. This type of configuration would also prevent the user from having to input any credentials.
I hope this helps!
Thank you for rating helpful posts!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide