Hi All,
Part of my 802.1X User Authentication Policy uses "WasMachineAuthenticated" Equals True.
Looking through the authentication steps in the RADIUS logs, I see the following:
24433 Looking up machine in Active Directory - AD1
24326 Searching subject object by UPN - machine@test.com
24327 Subject object found in a cache
24329 Subject cache entry expired
24330 Lookup SID By Name request succeeded
24332 Lookup Object By SID request succeeded
24336 Subject object cached
24351 Account validation succeeded
24439 Machine Attributes retrieval from Active Directory succeeded - AD1
24422 ISE has confirmed previous successful machine authentication for user in Active Directory
How exactly is ISE checking that the machine has been authenticated before? Is it checking a cache in ISE or my AD?
Thanks