During our ISE deployment we are trying to fit two simple requirements: machine and user authentication as well as centralized Windows computer administration, however, it does not seem to be a standard way to meet such a simple scenario:
User authentication over RDP sessions: Not supported by the Windows supplicant, so we moved to AnyConnect, but then:
Force user log-off by administrators and Windows Remote Management (WRM) for troubleshooting purposes: Not supported by AnyConnect NAM. Any workaround like registry modification? and...
Avoid twice credentials prompt on RDP: AnyConnect drawback. Any workaround like registry modification?
Can't understand why such a simple scenario can't be met by a single supplicant.