Solved

Auto-Enrollment Group Policy

Posted on 2016-10-20
2
53 Views
Last Modified: 2016-10-25
We currently are undergoing a big wireless expansion for our Care Center onsite. To have dual authentication we have a machine certificate and a user certificate assigned. Having just the machine cert alone drops you in a limited VLAN while having both the User and the Machine cert drops you in a full access VLAN. The machine certificate processing is working as it should, however the user certificate is delayed and is only getting applied about 45-60 seconds after the user has logged in.
The problem I have is that I need it to apply during the initial login like my printers, mapped drives, etc. work. I have already moved it up Link Group Policy Objects list and have it enforced, but it still gets applied too late. I need it to be applied before their initial desktop comes up.

Any way to make this work?
0
Comment
Question by:Joe Lowe
2 Comments
 
LVL 16

Accepted Solution

by:
Michael Ortega (Internetwerx, Inc.) earned 250 total points
ID: 41853204
I don't believe there is any method to speed up that process. It's an inherit delay.

MO
0
 
LVL 80

Assisted Solution

by:David Johnson, CD, MVP
David Johnson, CD, MVP earned 250 total points
ID: 41853208
If the user logs out then logs in then they will have the certificate and should have full access
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
This article outlines the process to identify and resolve account lockout in an Active Directory environment.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of installing the necessary services and then configuring a Windows Server 2012 system as an iSCSI target. To install the necessary roles, go to Server Manager, and select Add Roles and Featu…

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question