- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
10-17-2023 11:35 AM
10-19-2023 01:22 AM
All looks good to me but not sure why you would also use LDAP with cert auth if incorporating with SSO. The user will obviously need to login to laptop for cert auth to kick in so why forward those “cached” creds as a 2nd factor..
we only use cert auth for pre-logon/client logon but also incorporate bitlocker to laptops as another factor.
This is all on the assumption that each of your users have their own personal user cert….
As for your general question, the client auth will not detect the pre-logon cert in machine store as it has no username associated…
HTH.
12-09-2024 06:06 AM
I'd like to know if it's possible to use TPM certificates since Windows permits biometrics or pin. Maybe a combination of simply using a cert for pre-logon network access with Global Access and then a pin with TPM might work. Has anyone tried it?
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!