3 Feb
2012
3 Feb
'12
7:50 a.m.
On 02/03/2012 12:27 AM, Dan Letkeman wrote:
This would be a nightmare to manage. We have 2000+ clients. I see the advantage, if the certificate was compromised that this would be important, but how in the world would you manage this?
Use the Microsoft CA, and use machine auto-enrollment. It's the only sensible way, if you want to use certs. Personally we (plan to) use PEAP/MS-CHAP, and check the machine account against AD using ntlm_auth.