I set it in the lab and I had to logoff the pc to trigger the machine authentication. Is there a way to trigger the machine authentication without having to logoff the pc during the initial dot1x setup( I don't have the problem during subsequent machine authentications coz ACS is caching them, I'm having MAR enabled)
I'm having a picky customer who has around 1000 users and don't want to logoff all machines during initial setup! Is there a way? what is the best practise?
Ok thx a lot for your help, already went through this document before, it helps if we need to perform only machine authentication but still we need to logoff machines to trigger the machine authetnication.
Just one more question, if we restart the netlogon service without logging off the pc can this help?
Not sure if that can help. But if you change registry settings, etc. then you'll need to restart the WZCSVC anyway (or reboot the machine). Either way, I don't see a way around this without actually logging out. You can deploy it via GPO though, right?
At the end of the day, you're telling the machine how to authenticate. machine-auth only, machine-auth plus user-auth, user-auth only, etc. If any of the configurations involve machine-auth, and you're logged in as a user when you make the configuration change, then if the customer has issue with this, they'd have issue with how MSFT handles this type of situation in general.
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...