Forum Discussion
StephanGee
Jul 31, 2024Steel Contributor
Using CBA with a device certificate on Windows Server
Hi,
will it be possible to use CBA as "filter for devices" some day?
e.g. A Windows Server which is not hybrid joined or managed by Intune could then be identified as a "valid device" which is allowed to access Admin portal.
Like a RADIUS Auth.
BR
Stephan
- MatejKlemencicBrass Contributor
Hi StephanGee
With CBA, a certificate is associated with a user rather than a computer certificate. I doubt this will change in the near future. Personally, I prefer joining Windows Servers as Hybrid when there's a need to access an admin portal. Do you have any concerns or difficulties with this approach?
- StephanGeeSteel ContributorI know there might be better solutions... (e.g. Windows365)
But we have external suppliers that use a general login account. Therefore they are not hybrid joined, connecting from different IPs and cannot be recognized as threats.
I then would have the possiblity to scope on these certificates as "allowed devices"