I am looking for a way to ensure that only users with domain joined computers can access the VPN. I am taking a look at the Event Viewer logs for NPS events and see the following are passed in for user and client machine
User:
- Security ID: mydomain\myusername
Account Name: myusername
Account Domain: mydomain
Fully Qualified Account Name: mydoamin.com/Active/Users/Last, First
Client Machine:
- Security ID: NULL SID
Account Name: -
Fully Qualified Account Name: -
Called Station Identifier: m*************8
Calling Station Identifier: 68.*.*.*
Is there a way to get the Cisco AnyConnect client to pass the Client Machine info into the NPS Radius when it connects to the MX?