Have a SharePoint 2013 server being set up for evaluation and test purposes, looking to have the resources accessible both through intranet and internet (so our managers could still access resources and make changes from home; it's not going to be publicly accessed).
Problem I am having is trying to work out authentication. It's currently using NTLM Windows authentication against the company AD server, which is working as intended except in a specific case. As a little background information (since I think this is part of the problem), our network admin restricts users to only being able to log in from specific PCs (their own cubicle/office/laptop/etc. and not another employee's PC).
When they are logging in from their PC it works as intended; when they use their company machine (laptop) at home it works as intended.
However, when they attempt to log in from their personal PC at home, or from a mobile device, the login is rejected. I believe this is related to the AD restriction of only being able to log into the domain from specific PCs, as when the restriction was lifted from an account temporarily everything was accessible from any device, and when it was put back in place access is only permitted from devices that are on the whitelist.
Looking for insight into the matter. Not sure if this is more of an AD question or an SP question, but the network admin would rather not remove the restriction from all accounts, and other attempts have had no luck in getting around this.
Would like to keep this at a single mode of authentication if possible. I'm trying to stay away from page-based logins (directed to a website to enter credentials; would rather have the authentication box pop up as it does under NTLM) and would like to utilize the AD server so passwords and accounts are always in sync with the domain and don't require separate management.
Suggestions for handling this would be appreciated. Feels like it's a simple solution but it escapes me.
Thanks