Posted on 08-06-2014 08:21 AM
Hi All,
We are in the middle of enabling 802.1X on our network via Ethernet cables, so far we have two configuration profiles, 1 that gives the Mac network before a build with Casper Imaging (802.1x also present in the netboot set) using stored username and password credentials. The other is a policy in the Casper Imagning process after the "Enrollment Complete" state, whereby the 2nd profile installs after the Mac has been bound to AD as the second profile needs to request a machine certificate from the AD Server, at this point both configuration profiles are present and at the point of install we successfully get Network using EAP-TLS using the 2nd configuration profile settings.
When we remove the 1st configuration profile this stops the network using the 802.1X configuration settings for the second profile unless you manually select the machine certificate and click Connect.
The CA Certificate is used in both config profiles but appears after the removal of the 1st config profile it stops the 2nd config profile from working. Its like the 2nd configuration profile can not identify the correct settings after the 1st one has been removed. I hope that makes sense has anyone else in the community seen this or provide any assistance?
Posted on 08-06-2014 11:19 AM
Is the CA Cert removed after removing the 1st profile?
Posted on 08-06-2014 01:17 PM
The CA Cert gets updated when the 2nd Config profile installs so when the 1st config profile is removed only the username and password entry from the system keychain is removed not the CA cert.