Hello,

If you do not need user authentication to assign different VLAN associated to groups, the best solution is Certificate Machine authentication. the deployement of machine certificates is easy with GPO.

there is no difference between machine and user authentication in IC. but AD does not support LDAP machine authentication.

Regards,

Stanislas

Hello

i will use the assignment of remediation VLAN from the IC to the users whom didnt pass the policy check.

if the Certificate Machine authentication is the best, then how it works.?

- what about Gina, do you recommend it?

Thanks

Hi,

On Windows 7 systems, the capabilities for GINA are provided by Credential Providers.

Feel free to refer the release notes, this should be a good resource for you to understand the known issues and limitations.

http://www.juniper.net/techpubs/en_US/oac5.3/information-products/pathway-pages/oac-series/oac-relea...

Thanks

is there a difference between the machine authentication and certificate machine authentication?

Thanks

Hi,

can i get a step by step procedure for configruing certificate based authentications using local & also conjunction with another server? pls its very urgent.....

---

@apaul wrote:

Typical machine authentication uses either a statically defined user account or the machine credentials that were created when the machine ID was set up in Active Directory.

In case of certificate machine authentication, users to be authenticated based on attributes contained in client-side certificates. You can use the certificate server alone or in conjunction with another server to authenticate users and map them to roles.

Thanks

---

Hi,

I am not sure whether sure a document like the one that you are looking for is available or not.

However you could open a JTAC case, for technical assistance on your requirement.

Thanks