Our organization is rolling out device authentication feature for users. It’s a great feaure to secure ours but there are some users in our company using older version of Macbook (2017 w/o Touchbar) and cannot using the device authentication. I am wondering that there is a way to support the older version of Macbook that we want to fully rolled out this feature.
Once the option is enabled on a server it is required for all connections on that server. There are no alternatives or external devices to support Secure Enclave or TPM, it must be built into the device. Almost all Windows computers will have a TPM, many older computers have it disabled by default in the BIOS. An additional server can be created that has the option to support users who don’t have support. These users should be placed in a separate organization and to limit access to the server without device authentication.