Security

Hi forum,

If I have a laptop that is used as a loaner for whoever needs it, does every user have to onboard or should it only be onboarded once?

I guest a good question, is the onboard certificate has the username of the AD member or the Machine name?

Thanks in advance,

If you are using user-based certificates, they are only available in the user context and each user would have to onboard.  If you are using machine or computer-based certificates, it only has to be done once.

If it is expected that only one user account or local account will be use to access the computer then it will only have to be onboard once using the account used initially to onboard the device

Actually it will be used by multiple AD members and I’m not sure if the good old Onboarding issues user certs or machine certs.

Any idea which one is more secure? I guess user certs are more secure since the are tied to a user ad account.