We deployed a configuration profile for EAP-TLS wifi authentication close to 90 days ago, so users are starting to approach the 90 day expiration for their certificates and are being prompted to update as shown in this Apple doc.
Is there a way to make the Mac renew the certificate automatically in the background, instead of prompting the user to do it?
@bentoms how are you redeploying?
I've figured out that I can remove the MDM profile and re-enroll the machine with MDM,
#!/bin/sh jamf removeMdmProfile; sleep 10; jamf mdm
which has the end result of nuking the AD cert and grabbing a new one, but "nuking" seems like the operative word. I'm hoping for something more elegant, a bash command or script that basically says "Yeah, that AD cert that's going to expire in 14 days--go ahead and renew it." That way the user doesn't get bugged to go into SysPrefs and click the "Update" button.