Machine authentication privileges
Hi,We are using 802.1X machine and user authentication with CISCO ACS Appliance, Windows 2003 certification authority and windows 2003 R2 active directory. The authentication works normally if the computer is member of administratorgroup only. I'm looking for the privilege which the computer have to have without the adminsitor profil. Best regards,
December 9th, 2010 4:50am

Hi, I suggest checking the policy conditions of the remote access policies defined in the environment. Is domain admins group required to pass the authentication? http://technet.microsoft.com/en-us/library/cc786581(WS.10).aspx This posting is provided "AS IS" with no warranties, and confers no rights. Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
Free Windows Admin Tool Kit Click here and download it now
December 14th, 2010 3:29am

what RADIUS server do you use? The Microsofts IAS? Did you really put the computer account into Domain Admins group? How did you come to such a idea for the testing? I just suspect you are trying something else than you think you did. How are the computers supposed to be authenticated - by the certificate only or by their computer AD account? ondrej.
December 14th, 2010 4:18am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics