Trying to setup a clientless SSL portal that uses RSA tokens for authentication and provides access to two resouces. OWA and CIFS file shares.
The AD environment uses smartcards for authentication and has hybrid user settings swtiched off, i.e the user is not able to type their passwords into any request for domain level access.
The SSL portal will use RSA tokens for auth, then use KCD to obtain kerberos tickets for access to the resources that the user may need. So far I can get the OWA access to work without the user typing in a password to access OWA (this is confirmed by checking the kerberos debugs on the ASA), however it seems that the ASA does not use the KCD to obtain a ticket for the CIFS access and the user is prompted for credentials when attemtping to access the CIFS shares.
This is to address those customers coming to ISE from ACS or new to ISE that need a password change portal (UCP)
What are the licensing requirements for this solution?
My Devices - For using the password change with My Devices you need plus licenses as ...
In this paper we will document the configuration and operation of an integrated solution that includes identity management, firewall, cloud-based management, and cloud-based logging.
We will use the following Cisco products:
These days everything is in the cloud. We all know that Cisco Firepower Threat Defense (FTD) is a unified software image, which includes the Cisco ASA features and FirePOWER Services. Using Cisco Defense Orchestrator (CDO), you can manage physical or virt...
Cisco Defense Orchestrator (CDO) is a cloud-based, multi-device manager that provides a simple, consistent, and highly secure way of managing security policies on all your ASA devices. CDO helps you optimize your ASA environment by identifying problems wi...