Solved: Machine authentication without AD and cert

hariharan.siva-SL · ‎05-27-2019

Hi there,

Have anyone encountered a situation where you don't have an AD (we use cloud based LDAP, not to mention it doesn't manage endpoints like AD does) and we don't want to use certs. So is there a way to authenticate machines against an ODBC source. Store machine UDID or any other UDID instead of username/password in the ODBC source and validate against it.

Let me know if anyone was in this situation and how you went on to resolve this?

Thanks in advance

Cheers,

Hari

Jason Kunst · ‎05-29-2019

So you’re asking if we can authenticate without certificates or user credentials? The only way would be a possible lookup of MAC addresses using straight MAB.

Some example in this search - https://www.google.com/search?ei=ZufuXI3CJK-D5wK0zo3ICg&q=ise+odbc+mab&oq=ise+odbc+mab&gs_l=psy-ab.3..0i22i30.834.1383..1639...0.0..0.174.678.0j4......0....1..gws-wiz.......0i71j0i13j0i13i30j0i13i5i30j0i8i13i30.ePMvhU0LCBk

View solution in original post

Jason Kunst · ‎05-29-2019

So you’re asking if we can authenticate without certificates or user credentials? The only way would be a possible lookup of MAC addresses using straight MAB.

Some example in this search - https://www.google.com/search?ei=ZufuXI3CJK-D5wK0zo3ICg&q=ise+odbc+mab&oq=ise+odbc+mab&gs_l=psy-ab.3..0i22i30.834.1383..1639...0.0..0.174.678.0j4......0....1..gws-wiz.......0i71j0i13j0i13i30j0i13i5i30j0i8i13i30.ePMvhU0LCBk

hariharan.siva-SL · ‎06-17-2019

HI Jason,

Thank you for the reply and suggestion. We were exploring the possibility of using the anyconnect UDID to authenticate. But later because this is not possible we have decided to use UDID in authorization.

Cheers,

Hari