Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
AgentX44
Participant

Identity awareness deployment for Non-AD Member

Here's the scenario - the customer management would like to restrict the corporate users on using non-domain laptops when connecting to the corporate network. Only domain managed devices can be allowed, non-domain laptop should be restricted even the corporate user entered the correct corporate domain credentials to the captive portal, their access should be denied because the device is unmanaged by the AD.

Can we implement this kind of use case? are there any option on Identity Awareness that can we install like an agent and check the user endpoint if part of AD or not? 

0 Kudos
2 Replies
G_W_Albrecht
Legend
Legend

0 Kudos
PhoneBoy
Admin
Admin

Access Roles can include machine identity, which will only exist for machines in AD.
This should allow you to create more restrictive rules for users on machines not on AD.

0 Kudos