Flow issue - User level config profile - certificate

Contributor II

I need some bright ideas, as I am a little stuck

we Deploy User level config profiles for out 802.1x network (through adcs user certificates).
So config profiles is scoped to all computers and the certificate are in keychain. But for some reason, if the user deletes the cert(if resetting keychain etc) the config profile will not automatically be re-deployed.

I have set up a smart group that scope to a group, if the certificate is not installed. But guess what - if a client has the cert missing it kicks into "missing cert" scope and the certificate is deployed - but afterwards as the client got the cert it is out of scope again, and the certificate is then removed again from keychain.

How can this be made the best way