- Jamf Nation Community
- Products
- Jamf Pro
- Re: Configuration Profile: Network Payload - Use D...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Configuration Profile: Network Payload - Use Directory Authentication?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 07-10-2013 05:31 AM
In short, what is "Use Directory Authentication"?
We're building login screen network profiles and were wondering what the "Use Directory Authentication" piece uses. To see what I'm asking about, open your JSS navigate to a computer level Configuration Profile, and select Network Payloads, then choose WPA 2 Enterprise, followed by PEAP, there is an option for "Use Directory Authentication". We do use active directory to authenticate this network that will be connected to, but where does JAMF pull the "Directory Authentication" piece (ie: where do we set it)? When you check the "Use Directory Authentication" box, it fills the username/password fields with [set by directory].
5 REPLIES 5
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 07-10-2013 05:41 AM
This means that when a user enters their username and password to login to the machine, it will contact the domain to verify authentication. Meaning, you won't have to add each potential user to the system as local accounts.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 07-10-2013 05:51 AM
You could be correct, but if that is the case, how would that allow for "Use as login window configuration" meaning it would be connected to the wifi while sitting at the login screen, thus nobody would have input credentials for it to be using.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 07-15-2013 12:07 PM
There is a bug that does not let this checkbox apply when checked. When will this be fixed? I am trying to setup 802.1X Wired Ethernet through config profiles and after I check this I go back after I hit save and it is not there!
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 09-09-2013 08:07 PM
I can confirm that is happening in my environment as well @ 8.64. Can someone just put up the xml hard code so we can edit the xml that way? Instead of trying to get the gui method working properly?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 09-20-2013 09:25 PM
I got around this by using the osx Profile manager from 10.8. Once i had that, I was able to change the xml code to what I needed.
<key>PayloadContent</key> <array> <dict> <key>AuthenticationMethod</key> <string>directory</string> <key>AutoJoin</key> <true/> <key>EAPClientConfiguration</key> <dict> <key>AcceptEAPTypes</key> <array> <integer>25</integer> </array> <key>OneTimeUserPassword</key> <false/> <key>SystemModeCredentialsSource</key> <string>ActiveDirectory</string> <key>TTLSInnerAuthentication</key> <string>MSCHAPv1</string> <key>UserName</key> <string></string> <key>UserPassword</key> <string></string> </dict> <key>EncryptionType</key> <string>Any</string> <key>HIDDEN_NETWORK</key> <false/> <key>Interface</key> <string>FirstActiveEthernet</string> <key>PayloadDisplayName</key> <string>Wired 802.1X</string> <key>PayloadEnabled</key> <true/> <key>PayloadIdentifier</key> <string>com.your.identifier</string> <key>PayloadType</key> <string>com.apple.firstactiveethernet.managed</string> <key>PayloadUUID</key> <string>[GUID-info]</string> <key>PayloadVersion</key> <integer>1</integer> <key>ProxyType</key> <string>None</string> <key>SetupModes</key> <array> <string>System</string> </array>
