SSL VPN
Visitor
mikecc

AD integration of Network connect users

Hello, our users are using Network Connect for remote access, authenticating via tokens. We are in the process of migrating to AD for network authentication at the office. I thought it was possible to integrate AD credentials to a Network Connect role. In other words, a user logs into their company-provided laptop using the cached AD credentials to log in locally, starts Network Connect after authenticating using a token, then browses the network and, when selecting drives, is authenticated by the credentials cached on their machine. But I cannot find that configuration or a description of this in the documentation.
Distinguished Expert
muttbarker

Re: AD integration of Network connect users

Mike - I am traveling with no access to any of my SSL documentation. But from memory you need to do the GINA integration to achieve this. Did you look into that?

Kevin Barker
JNCIP-SEC
JNCIS-ENT, FWV, SSL, WLAN
JNCIA-ER, EX, IDP, UAC, WX
Juniper Networks Certified Instructor
Juniper Networks Ambassador

Juniper Elite Reseller
J-Partner Service Specialist - Implementation

If this worked for you please flag my post as an "Accepted Solution" so others can benefit. A kudo would be cool if you think I earned it.
Moderator
SVK

Re: AD integration of Network connect users


Hi Mike,

By enabling GINA on the role you can accomplish the requirement.

By enabling GINA, users will have the same feel as on the LAN.

Group policy, mapped drives, all of this can be updated on the workstation.

Please refer to the following KB for configuring GINA:

http://kb.juniper.net/kb21080

* Please mark this post as 'accepted solution' if this answers your question; that way it might help others as well. A kudo would be a bonus, thanks.

Regards,

Vijay

Moderator
zanyterp

Re: AD integration of Network connect users

Using GINA/credential provider allows the user to log in over the network while remote. Another option is LogoffOnConnect (if users don't mind being logged out when the session launches).
Contributor
RexPGP

Re: AD integration of Network connect users

You cannot cache a new password or create a new user with GINA. I think you can with log off log on while connected.

Moderator
zanyterp

Re: AD integration of Network connect users

RexPGP is correct: users must already have an account for GINA. LogoffOnConnect may not work either unless you log in as that user initially.

Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.