AD User Cert for Local User on unbound device

New Contributor

I'm new to Jamf, and am struggling a little with getting an AD user certificate issued to my Cisco VPN users.

Devices are not domain joined currently, and users are using local accounts on their devices. I can provide the appropriate certificates for the Root and SubCA via profile, and am currently having to to go through a manual certificate request on our subCA to download the required user cert for VPN connection.

I've tried creating a profile with an AD certificate payload, with the appropriate details and the box ticked for "prompt for user creds", and when applying manually, it states the request has failed. System.log just gives "Failed to bootstrap path: path = /usr/libexec/mdmclient, error = 108: Invalid path". No too helpful.

Nothing gets listed on the subCA in failed requests, so I guess it's failing before it even starts - just need two know why...Am I trying to achieve the impossible without having the devices bound to the domain?