06-30-2006 06:14 AM - edited 03-09-2019 03:27 PM
Has anybody upgraded to Cisco Clean Access version 4.0 and managed to implement AD SSO.
I have configured as per the documentation. However when I try to enable Agent based Windows SSO with AD Kerberos, I receive an error could not start the sso service.
The KTPass command ran successfully on the AD Server.
An Authentication Server Type of AD SSO has been configured on the CAM.
Regards
Ian.
07-06-2006 05:19 AM
Hi Ian,
Make sure that the time on the CCA Server and the domain controller where you ran ktpass are within 20 seconds on time.
If they skew much more than that kerberos doesn't like it.
08-30-2006 08:23 AM
I have run into a problem getting the SSO service to start. In researching the problem I found this link which looks very suspicious as to the nature of the problem. I am actively working with Cisco to narrow down the problem.
http://forum.java.sun.com/thread.jspa?threadID=741727&messageID=4253013
08-31-2006 10:07 AM
In my experience of AD SSO joshgrant was spot on: if the CAM and DC get out of sync the SSO fails. Best to try to sync them off same time source.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide