Solved: NAM profile editor, Machine Identity pattern

ngtransge · ‎09-20-2012

“Machine and User Connection”

I am using Anyconnect Profile Editor, and got problem with making pattern for machine Identity. By default it is set to host/[username], the problem is with PEAP machine authentication on ACS I see host/username, Is there any pattern that will ensure that on ACS I receive host/[pc.name].[domain], in following format ? So if PC name is WIFI-PC and domain name is demo.local, it should be in following format host/WIFI-PC.demo.local.

Tarik Admani · ‎09-20-2012

Hi,

You have nothing to worry about, when ACS sees the format of host/machinename.domain, it automatically knows that this is a machine account and handles the authenticaiton correctly. Even the windows native supplicants sends the machine authentication in this format

If you check the netlogon logs you should see WIFI-PC$ for machine auth.

Thanks,

Tarik Admani
*Please rate helpful posts*

View solution in original post

Tarik Admani · ‎09-20-2012

Hi,

You have nothing to worry about, when ACS sees the format of host/machinename.domain, it automatically knows that this is a machine account and handles the authenticaiton correctly. Even the windows native supplicants sends the machine authentication in this format

If you check the netlogon logs you should see WIFI-PC$ for machine auth.

Thanks,

Tarik Admani
*Please rate helpful posts*