Hello,
I'm looking to create a service/policy that uses EAP-TLS to authenticate user and machine certificates but for authorization ensures that the account is still in good standing in Active Directory. Currently we're pulling the Subject CN and I have the policy authenticating valid certificates, but it's still authorizing the user regardless of the status of their account. I've done this with other Radius products, just trying to figure out how to do it the CPPM way ;)
Thanks,
Greg