Apologies if this has been answered already but we are trying to push an 802.1x LAN profile down to our macOS devices.
We have managed to push the wireless equivalent down with a certificate etc however when we try and create the LAN equivalent the device doesn't pick the certificate defined in the profile.
Has anybody come across this issue before?
We've seen a similar issue in the past with windows devices where you have to start the wired auto config service but wasn't sure if something similar was required on macs?
thanks
Best answer by infrase2020
@infrase2020 Are you applying your wired network Configuration Profile at the User or Computer level? While Jamf will allow you to deploy the configuration at the User level Apple's MDM spec indicates that for wired profiles only Computer level is supported.
We are targeting at computer level.
Our profile contains the following:
Certificate
Network - First Active Ethernet
Identity Certificate - Scep Device certificate
Trusted certificate - Scep Root Certificate
Trusted server certificate names
SCEP payload
Use the external ca settings to enable Jamf Pro as a scep proxy
As i said on my original post, the exact same settings work for wireless profiles but not ethernet, have i missed something?
@infrase2020 Are you applying your wired network Configuration Profile at the User or Computer level? While Jamf will allow you to deploy the configuration at the User level Apple's MDM spec indicates that for wired profiles only Computer level is supported.
@infrase2020 Are you applying your wired network Configuration Profile at the User or Computer level? While Jamf will allow you to deploy the configuration at the User level Apple's MDM spec indicates that for wired profiles only Computer level is supported.
We are targeting at computer level.
Our profile contains the following:
Certificate
Network - First Active Ethernet
Identity Certificate - Scep Device certificate
Trusted certificate - Scep Root Certificate
Trusted server certificate names
SCEP payload
Use the external ca settings to enable Jamf Pro as a scep proxy
As i said on my original post, the exact same settings work for wireless profiles but not ethernet, have i missed something?
Use the external ca settings to enable Jamf Pro as a scep proxy
As i said on my original post, the exact same settings work for wireless profiles but not ethernet, have i missed something?
So much for that theory then... When you say the LAN connection isn't picking up the certificate is that because you're seeing a prompt to select a certificate for the wired connection, or is the 802.1x auth failing because it's not getting a valid certificate?
Tip: You will eventually run into problems on some machines where First Active Ethernet isn't eth0.
We had that as our original setting too and I had to eventually change it to 'Any Ethernet' to cover all scenarios. Now works fine on all our devices without issue.
Use the external ca settings to enable Jamf Pro as a scep proxy
As i said on my original post, the exact same settings work for wireless profiles but not ethernet, have i missed something?
Hello! I am not too familiar with network/certificates. Would you be able to post screen shots of your profile(s)? I am struggling on getting everything setup correctly!
