What strategies work well for identifying the machine a user is browsing from?
Assumptions: Domain User on a Domain Machine using IE and Integrated Windows Authentication with at least NTLM.
This SHOULD be easy, but I can't find how you can pull this info out of Request or any other hole. Per-client certificates seems a lot of overhead (and I don't even know if you can access the certificate info through Request). I also thought about a MAC address-based scheme... ick. Calgon, take me away!
Request.UserHostName does a reverse dns lookup on the IP address in the HTTP header. For our purposes this is going to be too unreliable. Thanks to RM for the pointer.
In the end, I believe we are going to recommend per-client certificates, and track our machine specific info in a database based on the Request.ClientCertificate.
you could also try sending a nbtstat-style ping back at the IP address in the Request. The 20h record in the response will be the hostname. A google search turned up several code samples for this.
It's worth a shot, it seems like that would be easier than distributing and maintaining per-client certs.