we use Anyconnect Client for Machine Authentication. Authentication is for WLAN done by WLC that asks ACS5.3 that uses Active Directory as the identity store. You have enabled Machine Authentication and Machine Access Restrictions (MAR) with an Aging time of 2160 hours (90days).
Problem appears if user Hibernate or ACS is reloaded and machine Authentication timer expired. User need to Logout and wait or reboot that machine authenticates and then user can login again.
ACS logs:"ACS has not been able to confirm previous successful machine authentication for user in Active Directory"
Somebody mentined ther is a hiddeen feature in Anyconnect that allows machine authentication while user is logged in to the machine. Somebody know how to enable this?