06-08-2015 07:00 AM
hello
i have a WSA which i have integrated with Active directory
some user are not in the domain and the client has said they should not be added to the domain
the issue here is
we used an in-house certificate authority and used a GPO to push the certificate to domain users
non domain user have to install the certificate every time
how do i avoid this
thank guys
06-10-2015 12:15 PM
Easy answer: do not use decryption :-)
Workaround: You could create an identity for guests and define in the decryption policy do not decrypt traffic from this identity. You can't have decryption without distributing the signing CA and not getting error messages at the same time.
06-11-2015 01:36 AM
Hello
if i configure a pass through function in decryption policy
Then non of the access policy would work on that identity
The client wants a policy to govern no domain user
thank you for the reply Marcel
06-11-2015 10:09 AM
Hi
Do you have an access policy which matches the non-decrypt identity? What does the policy trace say? And which version are you using?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide