
Successful machine authentication for user in Active Directory

GRANT3779
Spotlight

Hi All,

Part of my 802.1x User Authentication Policy uses - "WasMachineAuthenticated" Equals True.

Looking through the authentication steps in Radius logs I see the following -

24433 Looking up machine in Active Directory - AD1
24326 Searching subject object by UPN - machine@test.com
24327 Subject object found in a cache
24329 Subject cache entry expired
24330 Lookup SID By Name request succeeded
24332 Lookup Object By SID request succeeded
24336 Subject object cached
24351 Account validation succeeded
24439 Machine Attributes retrieval from Active Directory succeeded - AD1
24422 ISE has confirmed previous successful machine authentication for user in Active Directory

How exactly is ISE checking that the machine has been authenticated before? Is it checking a cache in ISE or my AD?

Thanks

1 Reply

ISE keeps a local database for most recent successful machine access; the default aging time should be 5 hours. You can edit it in the advanced properties of your AD external identity source.
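
To illustrate the reply above, here is an added example (not part of the thread and not ISE code) that models a local cache of successful machine authentications with an aging time. The class and method names, the per-endpoint key and the sample MAC addresses are assumptions made for illustration.

```python
from datetime import datetime, timedelta


class MarCache:
    """Toy model of a machine-authentication cache with an aging time."""

    def __init__(self, aging_time=timedelta(hours=5)):  # 5 hours: default quoted in the reply
        self.aging_time = aging_time
        self._entries = {}  # endpoint key -> time of last successful machine auth

    def record_machine_auth(self, endpoint, when):
        """Store the time of a successful machine authentication."""
        self._entries[endpoint] = when

    def was_machine_authenticated(self, endpoint, now):
        """Value a user-auth policy would see for WasMachineAuthenticated."""
        seen = self._entries.get(endpoint)
        if seen is None:
            return False  # no machine authentication on record
        if now - seen > self.aging_time:
            del self._entries[endpoint]  # aged out: a fresh machine auth is needed
            return False
        return True


def demo():
    """Run three user-auth checks against a constructed timeline."""
    cache = MarCache()
    mac = "00-11-22-33-44-55"  # constructed endpoint key (assumption: keyed per endpoint)
    boot = datetime(2024, 1, 8, 8, 0)  # constructed time of machine authentication
    cache.record_machine_auth(mac, boot)
    return [
        cache.was_machine_authenticated(mac, boot + timedelta(hours=1)),  # within aging time
        cache.was_machine_authenticated(mac, boot + timedelta(hours=6)),  # entry aged out
        cache.was_machine_authenticated("66-77-88-99-AA-BB", boot),       # never seen
    ]


if __name__ == "__main__":
    print(demo())
```

In this model, a user authentication that arrives after the entry has aged out sees the condition as false until the machine authenticates again.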