I have a customer that is looking to reverse the machine/user authentication process.
1.) machine authentication occurs at reboot/login and CoA is pushed from ClearPass for a particular VLAN
2.) user authentication then occurs but only as a validation that that the user is part of AD, no additional enforcement is expected
This seems like a simple configuration but I cannot seem to figure it out. Is there a way to configure a machine authentication policy with VLAN enforcement without adding the user authentication?
Thank you for your time and assistance.