Hi!
Quite a strange question ...
It is necessary on RD Gateway to check the computer name for correspondence in advance known.(Or any other marker, the easiest to install on third-party PCs and tablets)
If there are no problems with domain machines (On the NPS simply specify the rule in the CAP with the domain group of the PC), then with non-domain machines the problem.
Ships on logs, they send the following information about themselves:
Client Machine: Security ID: NULL SID Account Name: Notebook Fully Qualified Account Name: - Called Station Identifier: UserAuthType:PW Calling Station Identifier: -
As an example of logs with the connection of a domain machine:
Client Machine: Security ID: Domain\pc1$ Account Name: pc1.Domain Fully Qualified Account Name: Domain\pc1$ Called Station Identifier: UserAuthType:PW Calling Station Identifier:Actually check on Account name somehow it is possible?
If not, what criteria can I filter out non-domain PCs without smart cards? (For example, an installed certificate, some other identifier?)