
Authenticate only the Domain Computer

Dear All, 

I need some help. I need to auth only the domain computers; anyone who has not joined the domain and plugs the cable into the switch will not auth.

6 Replies

I'm using EAP-TLS for user authentication, but I need to know how I can authenticate only the PCs joined to the domain.

Well, if the endpoint has a certificate from your PKI, they are probably already on the domain, no?

You can do a binary comparison in the CAP or in the Authorization policies, check that the endpoint is a member of Domain Computers.

bbouchaiba
Level 1

 

Hi,

If you are using ISE, you can use the attribute below in your authorization profile:

Network Access:WasMachineAuthenticated ==True 

JPavonM
VIP

But take care when using the attribute Network Access:WasMachineAuthenticated ==True, as it may happen that macOS users won't be authorized, as the machine authentication is not passed.

PSM
Level 1

You can create authorization rule where you put a condition to match if the machine is part of "Domain Computers" or similar group in Active Directory. You can refer multiple groups to include all the domain joined endpoints.
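
An added example, not from any poster in this thread and not Cisco's code: before relying on a "Domain Computers" condition, this PowerShell check shows on the AD side which computer accounts that group plus any extra groups would cover. The sample accounts, the RID 1604 and the group DN are constructed, and the function name `Test-CoveredByGroups` is hypothetical.

```powershell
# Well-known RID of the built-in "Domain Computers" group.
$DomainComputersRid = 515

function Test-CoveredByGroups {
    param(
        [Parameter(Mandatory)] $Computer,
        # DNs of additional groups referenced in the rule (constructed names).
        [string[]] $ExtraGroupDn = @()
    )
    # "Domain Computers" is normally a computer's primary group, so it is
    # recorded in primaryGroupID and does NOT appear in memberOf.
    if ($Computer.primaryGroupID -eq $DomainComputersRid) { return $true }

    # Any other group is an ordinary membership and is listed in memberOf.
    foreach ($dn in @($Computer.MemberOf)) {
        if ($ExtraGroupDn -contains $dn) { return $true }
    }
    return $false
}

# Constructed sample input so the block runs without a domain.
# Against a live directory (ActiveDirectory module) use instead:
#   $computers = Get-ADComputer -Filter * -Properties primaryGroupID, MemberOf
$computers = @(
    # Ordinary workstation: primary group is Domain Computers.
    [pscustomobject]@{ Name = 'PC-001'; primaryGroupID = 515; MemberOf = @() }
    # Domain controller: primary group is Domain Controllers (RID 516).
    [pscustomobject]@{ Name = 'DC-01'; primaryGroupID = 516; MemberOf = @() }
    # Server whose primary group was changed, but which is in an extra group.
    [pscustomobject]@{
        Name           = 'SRV-LEGACY'
        primaryGroupID = 1604
        MemberOf       = @('CN=Legacy Servers,OU=Groups,DC=example,DC=com')
    }
)

$extraGroups = @('CN=Legacy Servers,OU=Groups,DC=example,DC=com')

# One row per computer: would the group list in the rule cover it?
$computers | ForEach-Object {
    [pscustomobject]@{
        Name    = $_.Name
        Covered = Test-CoveredByGroups -Computer $_ -ExtraGroupDn $extraGroups
    }
}
```

Accounts reported as not covered are domain-joined machines that a rule matching only the listed groups would miss, which is the case the advice about referring to multiple groups addresses.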