Hello, I'm looking at managing iOS and iPadOS soon (have only managed macOS previously). Has anyone used Jamf AD CS Connector to issue certs for 802.1X on iOS/iPadOS? Jamf documentation seems to show SCEP is the only option for cert-based authentication on iOS, but I can't get confirmation on that and Jamf Support suggested I try AD CS Connector (without clarifying if it should work or not)
I'd rather not prompt users for wifi passwords with PEAP. I believe I could setup a service ID for PEAP so authentication is automatic, but wouldn't want to use a single credential for everyone if I could avoid it. So certificate based authentication with unique certs is my preferred option if there is a way to do it. If that means only SCEP, then that'd mean I need to setup a SCEP infrastructure and that's not ideal either.
Any guidance is appreciated, thank you!
We use Aruba brand Access Points in our WIFI network. 802.1x is used to connect to the network through these products and we include users in the network by verifying with a certificate. At this stage, identity and certificate verification is done with an application called ClearPass. The ClearPass application also serves as an MDM server and SCEP server. When we connect to Access Points, the ClearPass application sends a profile file to users via a web interface. Actually the whole solution is contained in this profile file settings. We changed the part specified as "user" in the settings of this configuration profile file, sent to MacOS devices by the ClearPass application, to "system". Thus, as soon as our MacOS device was turned on, the user was able to connect to the network automatically without logging in. If the application you use is ClearPass, I support this article with screenshots. You can use the screenshot below. After making this change, you need to delete and reinstall the WIFI profile on the macOS device. After this step, the problem disappears.