Forum Discussion
AltocumulusF5 APM Check Domain Membership
AltocumulusHello, thanks for your reply. I find these information where tells that i can use a Machine Certification Authentication Agent for check domain membership. Someone have used these method?
Machine Certification Authentication Agent
When configured on the domain controller, Windows Machine Certificates will automatically be installed when Windows PC joins the AD domain. This is true for Windows Vista and later and Window 2008 Server and later. The process of installing the machine certificate is manual for earlier versions.
This machine cert can be used in the authentication process, typically as part of a two-factor auth process. There are three branches for the agent.
• Successful: the Machine Certificate was found and the private key was verified.
• Found: the Machine Certificate was found, but the private key was not verified. This is possibly because it could not be read due to misconfiguration or due to Windows permissions. Regardless of reason, this is not a valid security proposition.
• Fallback: as an invalid logon attempt.
