Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
427
Views
0
Helpful
2
Replies

Performing posture assessment once a day

dgaikwad
Level 5
Level 5

‎03-15-2019 09:34 AM

Hi Experts,

There is this requirement that I am testing out at a client.

We are using NAM to allow machine and user authentication, so when both pass then access is granted.
The client wants the posture assessment to run once a day, so make this work I went to Administration -> System -> Settings and Posture General Setting, and made the setting Perform posture assessment to every 1 day.
Since, then what I have observed is that, when the user logs off from the machine and tries to login back, he gets error message that no logon servers found.
When checked the logs, the machine was authenticated, but the user login failed, due to the above error.
The only way to get around this was to restart the computer and re-login the user, thus making machine and user both succeed.

Any idea why this might be happening?

0 Helpful
2 Replies 2

Dustin Anderson
VIP
VIP

‎03-15-2019 01:51 PM

When the user logs out, what do you do with the PC only authentications? Do they sit on a network that can't access AD servers?

0 Helpful

dgaikwad
Level 5
Level 5
In response to Dustin Anderson

‎03-18-2019 12:18 AM

Yes, when the user logs off, there is one authorization profile is used.

Basically, when machine passed but use fails, limited connectivity ACL is pushed on the port. This ACL only has access to PSN, DNS, DHCP and AV Servers.

0 Helpful
Customers Also Viewed These Support Documents