cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
431
Views
0
Helpful
4
Replies
ticketreturn
Beginner

Bookmark not logging in

I've configured an ASA5505 with clientless SSL VPN access. I see that the user is authenticated in my Active Directory, and the bookmark with the RDP connection is available. The bookmark URL contains

10.10.20.46/username=CSCO_WEBVPN_USERNAME&password=CSCO_WEBVPN_PASSWORD&CSCO_WEBVPN_MACRO1

When I click on the bookmark, I get to the server, but the user isn't logged in; the user name & password fields are blank & the message under the fields has Log on <domain name>. The Auto Sign-On server is enabled, and in the Smart Tunnel Auto Sign-on I checked the Use Windows domain name with username. The Terminal Server is W2k8 Data Center Edition - VMWare 4.0.

Cannot seem to figure this one out. Any suggestions are appreciated.

ASA Version: 8.4(4)1, ASDM Version: 6.4(9)

Also, the CSCO_WEBVPN_MACRO1 is configured to get the Department value from the Active Directory. I don't know if this is working or not. Is there a way to verify it?

Thanks for the help.

4 REPLIES 4

Hi Sam,

Please check this out:

https://supportforums.cisco.com/message/3749055#3749055

HTH.

Please rate any helpful posts

That helped tremendously. Thanks.

Also, I found that another admin had configured terminal services login to not recognize the parameters being passed. Once that was changed, along with the other hints from the mentioned article I made good progress.

I still have the issue of the CSCO_WEBVPN_MACRO1 parameter. The server is configured to automatically start a program looking for a value, but it isn't receiving it. Right now I just have &CSCO_WEBVPN_MACRO1 in the bookmark, do I need something like parameter=CSCO_WEBVPN_MACRO1? or is it the variable name from the program?

Thanks again.

Dear Sam,

I am glad to hear you found it helpful.

The CSCO_WEBVPN_MACRO1 is the parameter, but to be honest I do not think the specific "program" attribute would work.

What are you defining in the Macro?

HTH.

Please rate any helpful posts

So I don't do anything like '?parmx = CSCO_WEBVPN_MACRO1' in the bookmark?

I want to populate the field with an value from my AD, associated with the user login.

In Remote Access VPN -> AAA/Local Users -> LDAP Attribute Map I defined an entry (MyMacro) for Department = WebVPN-Macro-Substitution-Value1

In my bookmark -> Advanced Options I set the URL method to Post & added a Post Parameter associating MyMacro to the value for CSCO_WEBVPN_MAVRO1.

I think I can modify the MyMacro rntry in the LDAP Attribute Map to use a static value rather than a AD value for testing purposes, to see if it is infact being passed to the program. At minimum this should indicate if I'm not getting the value from the AD.

Content for Community-Ad