Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
431
Views
0
Helpful
2
Replies

Windows Machine Cert Auth and User Auth

Go to solution
scamarda
Cisco Employee
Cisco Employee

‎11-21-2017 10:53 AM

Two node deployment 2.3P1. Don't have time to set this up in my lab would appreciate some help.  Have customer doing machine and user authentication via certificates using Windows native supplicant. Is it possible to use the attribute "wasMachineAuthenticated" in this scenario?  Customer would like to like the two together to validate machine and user auth for access.

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
hslai
Cisco Employee
Cisco Employee

‎11-21-2017 11:02 AM

In order to use "wasMachineAuthenticated", the machine certificates need published to AD computer objects and the option "binary compare" enabled in the ISE certificate auth profile for the machine cert auth, besides checking "Enable Machine Access Restriction" in AD > Advanced Settings.

Screen Shot 2017-11-21 at 10.59.59 AM.png

View solution in original post

0 Helpful
2 Replies 2

Go to solution
hslai
Cisco Employee
Cisco Employee

‎11-21-2017 11:02 AM

In order to use "wasMachineAuthenticated", the machine certificates need published to AD computer objects and the option "binary compare" enabled in the ISE certificate auth profile for the machine cert auth, besides checking "Enable Machine Access Restriction" in AD > Advanced Settings.

Screen Shot 2017-11-21 at 10.59.59 AM.png

0 Helpful

Go to solution
scamarda
Cisco Employee
Cisco Employee
In response to hslai

‎11-21-2017 05:54 PM

Thank you for the information.  Much appreciated.

0 Helpful
Customers Also Viewed These Support Documents