Hi community,I would like to know on which cases the cppm considers a client device as a [machine authenticated] role? please, your kindly support.Customer needs to use 802.1x PEAP (with radius certificate signed by AD CS and a CA root from AD CS). user authentication will be against AD as a authentication source of CPPM with one generic corporative group from their accounts. So enterprise endpoints should be tested having the following two basic conditions:*first rule: authenticated by user and machine , so CPPM enforcement policy should assign a corporative role*second rule: authenticated only by [user authenticated] ,so CPPM enforcement policy should assign a restrict rolealso, customer is asking, what happens if one corporate client device (joined to domain) doesn't have a root CA certificate on device and wants to connect to the corporate network. could it be authorized only based on authentication (second rule)?please your kindly support and opinion. i attached what i was thinking based on other recommendations
© Copyright 2024 Hewlett Packard Enterprise Development LPAll Rights Reserved.