| Windows Integrated Authentication (repost...) I'd like to revamp one of my very old posts to see if - with last firmware release 3.0 - there is something new.
I installed it on a test USG and I tried to look for some feature regarding Windows Integrated Authentication but I see nothing... but maybe I'm blind...
---
(On 2010-12-02 10:33:25 I was writing... )
I configured an USG 100 to force user authentication as per example you can find in the help of a USG at the following address:
»192.168.1.1/ext-js/helps/wwhelp/···thPolicy
I'm trying to figure out if it is possible to set it up so that, instead to stop and present the well-known web page with user name/password/one-time password..., it could obtain the credentials directly from Internet Explorer configured with "Enable Integrated Windows Authentication=on" and validate them against an AAA Server suitably configured.
A link just to let me intend what I'm talking about Windows Integrated Authentication:
»en.wikipedia.org/wiki/Integrated···tication
I mean to use this system just inside my lan, so that I can use the features available on a USG - especially Anti-X, firewall, content filter, etc. - not by source IP but by USER.
Working with IP sometimes is more difficult and sometimes is even impossible... (e.g. Terminal Servers, shared pc, etc. ) that's why USERs exist, in a very lot of aspects of the USG itself!!!
But why ask user name and password again? I already did it when I logged on... !!! ('Single Sign On'... you know it?)
Thanks in advance.
Federico |
