When using Identity Awareness, resources cannot be accessed based on machine role only, without a user logged in on that machine
  • Resources whose access rule is based on the machine hostname only cannot be accessed until a user logs in on that machine and is mapped to it.

Once the host machine boots up, AD assigns it a role in the domain. The PDP daemon then learns the machine role and the Identity Awareness database is updated with it successfully. However, resources that are based only on the hostname cannot be accessed until some (any) user logs in and is mapped to the machine.

The desired behavior is that Identity Awareness allows access to resources as soon as the machine boots up, using an Access Role for the machine identity only (any network, any user, identified machine or a specific machine), before any user logs in to the machine and is mapped to it.

The PDP daemon learns the machine role from the AD query. However, this identity is not passed on to the PEP daemon as long as no user is mapped to that machine, so the PEP has no machine identity to match the Access Role against.
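The following toy model illustrates the PDP to PEP flow described in this article. It is an added example and is not Check Point code: the session fields, the `forward_machine_only` switch, the hostnames and the IP addresses are constructed placeholders. With the switch off it reproduces the behavior above (the machine identity is held by the PDP but never published to the PEP until a user is mapped, so a machine-only Access Role does not match); with the switch on it shows the desired behavior, where the same Access Role matches as soon as the machine identity is learned. Network matching ("any network") is left out of the model.

```python
"""Constructed model of PDP -> PEP identity propagation (illustration only)."""
from dataclasses import dataclass
from typing import Dict, Optional


@dataclass
class Session:
    """Identity the PDP holds for one source IP (constructed fields)."""
    ip: str
    machine: Optional[str] = None   # hostname learned from the AD query after boot
    user: Optional[str] = None      # set once a user logs in and is mapped to the machine


@dataclass
class AccessRole:
    """Access Role: any user, identified machine or a specific hostname."""
    name: str
    machine: str = "identified"     # "identified" matches any known machine
    any_user: bool = True


class PEP:
    """Enforcement point: can only match what the PDP has published to it."""

    def __init__(self) -> None:
        self.sessions: Dict[str, Session] = {}

    def allows(self, ip: str, role: AccessRole) -> bool:
        s = self.sessions.get(ip)
        if s is None or s.machine is None:
            return False                       # no machine identity known here
        if role.machine != "identified" and role.machine != s.machine:
            return False                       # specific-machine role, wrong host
        if not role.any_user and s.user is None:
            return False                       # role also needs a mapped user
        return True


class PDP:
    """Identity collector. forward_machine_only is a hypothetical switch used
    here to contrast the described behavior with the desired one."""

    def __init__(self, forward_machine_only: bool) -> None:
        self.sessions: Dict[str, Session] = {}
        self.forward_machine_only = forward_machine_only
        self.pep = PEP()

    def learn_machine(self, ip: str, hostname: str) -> None:
        """Machine boots; AD query answers with its hostname/role."""
        s = self.sessions.setdefault(ip, Session(ip))
        s.machine = hostname
        self._publish(s)

    def map_user(self, ip: str, user: str) -> None:
        """A user logs in on the machine and is mapped to it."""
        s = self.sessions.setdefault(ip, Session(ip))
        s.user = user
        self._publish(s)

    def _publish(self, s: Session) -> None:
        # Behavior described in the article: the machine identity is not passed
        # to the PEP as long as no user is mapped to that machine.
        if s.user is None and not self.forward_machine_only:
            return
        self.pep.sessions[s.ip] = s


def simulate(forward_machine_only: bool, role: Optional[AccessRole] = None):
    """Return (access before login, access after login) for one machine."""
    role = role or AccessRole("machine-only", machine="identified")
    pdp = PDP(forward_machine_only)
    pdp.learn_machine("10.0.0.5", "WS01.example.local")   # constructed host
    before_login = pdp.pep.allows("10.0.0.5", role)
    pdp.map_user("10.0.0.5", "alice")                      # constructed user
    after_login = pdp.pep.allows("10.0.0.5", role)
    return before_login, after_login


if __name__ == "__main__":
    print("described behavior:", simulate(False))   # (False, True)
    print("desired behavior:  ", simulate(True))    # (True, True)
```

Running the script prints `(False, True)` for the described behavior and `(True, True)` for the desired one: the Access Role is identical in both runs, and the only difference is whether the PDP publishes a session that carries a machine identity but no user.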

