cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

807
Views
0
Helpful
1
Replies
syedaltaf.shah
Beginner

Cisco NAC, Agents cannot login to AD (AD SSO)

Hi,

We had issue with Cisco NAC Server & Manager Certificates, it was expired, have imported new certificates from CA (Which is one od AD Server)

now CAM & CAS are in HA and connected. the SSO Service on CAS is started.

The Problem is users cannot login to SSO, it can login to Domain but SSO is not working, NAC Agent popus asking for username and password. CAM local username and password works fine. but not SSO.

have verified everything which was in troubleshooting guide.

Anyone can help please?

1 REPLY 1
Karthik Chandran
Beginner

Hi Syed,

1) Confirm whether users are logged in using their domain account and not using the local account.

2) Confirm if CAS is listening on port 8910. You can take a sniffer trace on the client pc which can help you.

3) Synchronize the time in the CAS/Agent with the AD.

If the issue persists, I would suggest you to collect the agent logs, cas logs and wireshark capture (from the user machine while it tries to authenticate) and create a case with Cisco TAC.

Regards,

Karthik Chandran

Content for Community-Ad