Help

802.1x Login Window Profile Replacement 10.7

jhbush
Valued Contributor II

Posted on ‎09-14-2011 12:47 AM

I'm trying to get a 10.7 equivalent to the Login Window Profile used in 10.6. I have a user based one that works, but it doesn't get the proper Kerberos ticket on wireless. They all show 1953 as the year. Apple has mentioned using the Server Profile Manager, but I can't seem to find a real method of doing it. My environment is all AD with Mobile accounts. The way they make it sound is that I would need to add them to the Mac Server and manage them there as well. The profiles are just XML files so if you have one you should be able to share it.

Jason Bush | End User Technology
Expedia Inc. - Bellevue Office | 333 108th Ave NE, Bellevue, WA 98004
![external image link](attachments/6edbf8eec8f14a969a7ee6b2ba53f919)
![external image link](attachments/86694c205fa1451abee5df1b1998fb92)

0 Kudos
Reply
1 REPLY 1

plawrence
Contributor II

Posted on ‎09-14-2011 06:52 PM

Jason

The only way I have been able to get this to work is by using a 10.7 server, you then have to 'bind' your macs to the Lion server using Profile Manager and Enrolment Profiles, some notes:

In Profile Manager on the server, click the + button and create a new Enrolment Profile

Save this profile and copy it into /var/db/ConfigurationProfiles/Setup on the image machine

This will enrol the computer on boot

Then you make a new profile in Profile Manager and configure the 802.1x settings which will get pushed out to your managed clients.

That’s a fairly basic explanation, if you need more details let me know. I haven't found a way to configure 802.1x without involving Lion Server.

Patrick Lawrence.

0 Kudos
Reply