Skip to main content

Hey everyone, I have been going through different posts across here and Reddit, and I could really use some help. I am attempting to use the Jamf ADCS connector to push a machine certificate to a MacBook, which I can get it to do successfully. In the same profile, I have the network configuration in place there as well.


 


The issue that I am running into is not anything with the certificate/Jamf side, but with the Windows RADIUS server. I have an unbound AD object for the machine created, but I am unsure what I need to do with the object. The machine currently is successfully attempting to authenticate with the certificate, but NPS is rejecting it for error 8 - User account does not exist.


 


Does anyone have this set up in their environments, and is there a better way to do things? My security and systems teams won't let me domain bind the Mac devices, so I am using Jamf Connect for authentication, and I assume this is also why I am having account issues.

You just need to make sure, the object created is in the scope of NPS policy. Also, sometimes replication takes time from DC to NPS

You just need to make sure, the object created is in the scope of NPS policy. Also, sometimes replication takes time from DC to NPS


I've taken a look and replication isn't the issue in this case, and the AD object for the computer is also within the scope. The NPS logs are just showing that there is no user account for the certificate, I believe it is related to the certificate not being tied to the AD object.

Terms & ConditionsCookie settings