Hi all. Thanks for taking the time to help. Here's my scenario.
I need to provide a method where I can allow contractors and consultants into our portal but not allow them to launch SharePoint for example.
Now I know I can do this with groups, but this is not the preferred method at this time for various reasons. Additionally, I need a way to identify corporate-owned assets vs. personal PCs.
My solution: use GPO-enrolled user certs as my corporate PC identifier. If you have a user cert then you can launch the SharePoint application. If you do not have a user cert then the SharePoint application would be disabled.
I have enabled the certified endpoint under the trunk "session" tab. Now at logon I enter my credentials, and choose my user cert. I now show up as a certified device under "system Information". Perfect, no problem with the cert process. The question is how do I use certified device (yes/no) as a control mechanism to launch the SharePoint application? I do not see an endpoint policy "Certified Device" to define application access. If I use "Default Privileged Endpoint" the SharePoint application is disabled regardless if I am certified or not.
I'm a little lost, heck I may be going down the wrong road.