cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

2381
Views
0
Helpful
3
Replies
Highlighted
Beginner

AnyConnect 3.0 Win7 SBL issue?

I want to provide my users with a single-sign-on experience from Windows/AnyConnect so that Active Directory can process GPO's, logon scripts, password updates etc.  But I cannot get a SSO to work.

The only way I have been able to get this to work is if the user manually invokes the connection via the "Network Connect" icon on the signon screen first and then signs on to the computer.  I was under the impression that with the PLAP we could simply login and VPN would connect first and then process the login with Active Directory.

Is this correct?  If so, what am I missing?

I have setup a Windows 7 client and ASA (8.4(1)) as per the instructions given in the client administration guide.  I have tried using certificates and a simple AAA authentication method.  I can get either method to work manually but not by simply clicking the username from the sign on screen and logging in with their password.  I do see the little AnyConnect icon next to each username on the signon screen.

Any help would be appreciated.

Troy

Everyone's tags (3)
3 REPLIES 3
Cisco Employee

Re: AnyConnect 3.0 Win7 SBL issue?

Hi Troy,

As far as the SBl is concerned in case of windows vista and win 7, it uses PLAP feature. The following is link for more information:-

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00809f0d75.shtml

Please find the following link for SBL , in case of win 7, with screen shots:-

http://www.cisco.com/en/US/docs/security/vpn_client/anyconnect/anyconnect22/administration/guide/22admin4.html#wp1006226

So we need to click the network connect icon for SBL to work.

I hope it helps.

Cisco Employee

Re: AnyConnect 3.0 Win7 SBL issue?

SSO to AD along with Start-Before-Login(PLAP)not supported yet. An enhancement reuest has been files for this.
Beginner

Dear Divyanai,Is there any

Dear Divyanai,

Is there any update about this solution, or is it on roadmap still?

Regards,

Miki