Folks,
I have a large customer currently doing PEAP for wired and wireless and using Stealthwatch. Identity information is going to Stealthwatch via syslog. All is good in the world.
Now they are moving to Machine certificates for better security. We had a discussion about Stealthwatch not getting the user identity information then and recommeded user certificates also. The AD team is balking due to the storage needed for the user cert in the user object.
Question - can we use an EZConnect connection into AD to get the user information even if we are not doing EZConnect via WMI?(I know this is not the use case for EZConnect). Any other way for Stealthwatch to have the proper user and profiled device information?