Anyway, first of all, I'm sure that 5520 supports NT domain as authentication (but I haven't tried win2003 specifically). The general process is as follows: first, you should add a server group with any name to the aaa server group, use NT domain as the protocol, and then set the address of aaa server and the address controlled by the domain (these two addresses are the same in my example). In the following example, I added a NT aaa server group named win, and the server address is192.5438+068.5438+0.1.
======================================
Win protocol nt of aaa server
AAA- server win host192.168.1.1
Nt-auth- domain controller192.168.1.1
========================================
The authentication category includes the newly added win. The following example attempts to use aaa server group win and local account for authentication in http authentication.
=======================================
Aaa authentication http console win local
That's about it. Good luck using asa as ipsce for the last time. . . . . Anyway, I went crazy last time because of this product. . . .