We are trying to move our Wi-Fi solution away from a username&password solution to a certificate based solution. Currently our MacBooks are on a separate domain from our PCs and we do not have a CA server set up just yet in the Mac environment. Because our InfoSec team is pushing hard for this, we are going to deploy a generic user cert from our other domain, where the NPS is, to our Macs so that they are able to authenticate on the WI-Fi. I've managed to do this manually and it works fine, but when I deploy it via Jamf (Self-Serivce or automatically), the cert gets deployed but it won't connect to the Wi-Fi.
Has anyone run into a similar issue, or could provide some insight as to why it does not work?
Make sure to have the Root and Intermediate Certificates from the other domain in the system keychain and set them to ALWAYS TRUST manually. Do the same in the System keychain for the Machine Certificate you get from the CA from the other domain for the Mac. Best to set to ALWAYS TRUST as well. Make sure to create the computer object first in AD and that is matches the Mac hostname.
Hey sorry for the lack of responses, but we finally got it working. We were applying the cert a the computer level as opposed to the user level...small oversight on our part. After that change, we generated a new cert and it works now.
@kericson Thanks for sharing that page! We're going to use that as a reference
Hello , I'm having a similar network issue , do you have a solution without jamf on my issue: https://community.jamf.com/t5/jamf-pro/mac-os-network-issue-210922/td-p/247246
Thanks in advance.