SSL VPN
Blogs
Discussion Forums
Programs & Events
turn on suggestions Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Reply
Topic Options
mikecc
Visitor
mikecc
Posts: 4
Registered: ‎02-14-2012
0

AD integration of Network connect users

Options

‎03-20-2012 05:52 AM

Hello, Our users are using Network Connect for remote access authenticating via Tokens. We are in the process of migrating to AD for network authentication at the office. I thought it was possible to integrate AD credentials to a network connect role. In other words, a user logs into their company provided laptop using the cached AD credentials to log in locally. Starts network connect after authenticating using a token then browses the network and when selecting drives is authenticated by the credentials cached on their machine. But I can not find that configuration or a description of this in the documentation.
Message 1 of 6 (281 Views)
 
Reply
Distinguished Expert
Distinguished Expert
muttbarker
Posts: 1,946
Registered: ‎01-29-2008
0

Re: AD integration of Network connect users

Options

‎03-20-2012 07:41 AM

Mike - I am traveling with no access to any of my SSL documentation. But from memory you need to do the GINA integration to achieve this. Did you look into that?

Kevin Barker
JNCIP-SEC
JNCIS-ENT, FWV, SSL
JNCIA-ER, EX, IDP, UAC, WX
Juniper Networks Certified Instructor
Juniper Networks Ambassador

Juniper Elite Reseller
J-Partner Service Specialist - Implementation

If this worked for you please flag my post as an "Accepted Solution" so others can benefit. A kudo would be cool if you think I earned it.
Message 2 of 6 (275 Views)
 
Reply
Moderator Moderator
Moderator
SVK
Posts: 150
Registered: ‎08-22-2011
0

Re: AD integration of Network connect users

[ Edited ]
Options

‎03-20-2012 09:44 PM - edited ‎03-20-2012 09:48 PM

HI Mike,

 

By enabling gina on the role you can accomplish the requirement.

 

By enabling gina users will have the same feel as in lan.

 

Group policy, mapped drives all this can be updated on the workstation.

 

Please refer the following KB for configuring Gina

 

http://kb.juniper.net/kb21080

 

* please mark this post as 'accepted solution' if this answers your question that way it might help others as well, a kudo would be a bonus thanks

 

Regards,

Vijay

Message 3 of 6 (263 Views)
 
Reply
Moderator Moderator
Moderator
zanyterp
Posts: 1,944
Registered: ‎11-19-2007
0

Re: AD integration of Network connect users

Options

‎03-21-2012 05:49 PM

Using GINA/credential provider allows the user to login over the network while remote. Another option is LogoffOnConnect (if users don't mind being logged out when the session launches)
Message 4 of 6 (243 Views)
 
Reply
RexPGP
Contributor
RexPGP
Posts: 127
Registered: ‎05-04-2009
0

Re: AD integration of Network connect users

Options

‎03-26-2012 10:08 AM

You cannot cache a new password or create a new user with GINA. I think you can with log off log on while connected.

Message 5 of 6 (203 Views)
 
Reply
Moderator Moderator
Moderator
zanyterp
Posts: 1,944
Registered: ‎11-19-2007
0

Re: AD integration of Network connect users

Options

‎04-05-2012 09:18 PM

rexpgp is correct: users must already have an account for GINA. logoffonconnect may not work either unless you login as that user initially

Message 6 of 6 (174 Views)
 
Reply
Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.