CSP Policy - Authentication/AllowEAPCertSSO RRS feed

  • Dotaz

  • Hello,

    I am implementing Windows 10 native VPN (ikev2) with cert-based authentication to on-premise (gw is fortigate)

    When VPN connects, it will add *Session cert-based credentials to Credential Manager, so it is trying to enforce this type of authentication also for on-premise resources.

    But some resources support only NTLM (SSO) - Only option how to disable of enforcing cert-based authentication for on-premise resources and be able to authenticate via NTLM is registry key MACHINE\System\CurrentControlSet\Control\Lsa\DisableDomainCreds which disable Credential Manager from caching credentials.

    I also found CSP Policy Authentication/AllowEAPCertSSO which should do what I need but it has no effect.

    Does anybody know more about the purpose of this policy ?

    pátek 27. listopadu 2020 14:58

Všechny reakce