Explicitly Transparent or Transparently Explicit or... something?
Hey folks... maybe y'all can help me out.
I've got a 200D that's working with a DC polling agent to provide authentication for browsing and has NTLM enabled on the policies to allow for easy, mostly invisible authentication for my clients. I enabled NTLM because we have a lot of users that switch back and forth between wired and wifi and the Fortigate and polling agents don't see to always keep up. Truthfully, even with NTLM it's not always 100% certain users switching between the two mediums will always be able to immediately get back out to the internet. It's been an ongoing hassle for awhile. REGARDLESS...
I've got a situation now where we will have non-domain PCs and Macs on the office network and those users will need to get out to the internet. The USERS will have domain credentials, however.
How best should I go about enabling those users to browse? Set up an explicit proxy that will prompt for credentials? How will that impact my current users? Will that actually make things easier for the users who swap connections often and sometimes have problems getting authenticated? Do I HAVE to push a GPO to all my PCs setting the proxy address? I'm kind of at a loss and support said "It's not a break/fix issue. Here are some articles. Have fun!"