I'm wondering if anybody has a suggestion how to only allow workstations that is installed and a part of our corporate domain/azure.
First my thought was to check the registry for which domain the computer is joined but that "failed" since it is connected to an azure domain which then also creates a registry entry but the "hives" name is diffrent on every computer.
Also I was thinking of a computer certificate but that isn't present so I think that would be a harder "nut" to crack.
So any other suggestions or ideas?
We use a machine cert from our Active Directory Certificate Services. The cert is installed when a machine joins our on premise domain.
If you're using Azure, are you also using Intune? We're testing authenticating against Azure using Conditional Access policies and compliant devices.
Yeah, that was my thinking too.
Problem is that I'm not the one in charge of the domain/azure cloud.
Ofc I could talk to management to get something in place but it will take time so I was hoping for a easier solution