Managed macOS devices intermittently failing wired and wireless authentication, any ideas?

DaveRukamp
New Contributor

Anyone have ideas on how to get the client to consistently present the computer name during the authentication attempt? My understanding is that the 'Use Directory Authentication' option in the profile configuration should be forcing this. I thought I came across an article from back in the 10.10 days where this was discovered as a bug and fixed in 10.11, did it come back?

Problem Statement: 

Corporate managed macOS devices are intermittently failing wired and wireless authentication against the Aruba ClearPass policy. The issue appears to be that sometimes the Mac is sending the logged in user’s username for authentication rather than the Mac Computername which is what is expected.

 

Additional Problem Statement context:

When a Mac authenticates the authentication attempt is passed to the ClearPass policy manager. The ClearPass policy is expecting the Mac to pass along its Computername in the 'Username' field. It then validates that this Computername is in the Macs OU in Active Directory to determine if the Mac should be on the Internal or External networks.

The problem is that a small percentage of the time the Mac is passing along the username of the user that is logged in rather than the computername and so can't be validated as a corporate Mac and therefore gets put on the External network.

We don't understand the cause of this behavior. The issue could be networking related or it could be strictly client side.

 

Timing:

The current configuration had been working for over a year and only started having issues in the last month.

 

Scope:

Only some of our Macs are experiencing this. Even these are only experiencing it sometimes

Affecting a small audience right now, <10 instances that I'm aware of

Affecting Wired and Wireless at the ITC, Wired in building 9 and Wireless on Main Campus

 

Workarounds:

usually, disconnecting and reconnecting 1 or more times can get a proper connection

rebooting and connecting to wifi can get a proper connection

Connecting via VPN

 

Configuration:

Operating system versions: MacOS 13 & 14

We are using Jamf to deploy network configuration settings to all Macs, below is the profile configuration

Profile Level: Computer Level

DaveRukamp_6-1717618681547.pngDaveRukamp_7-1717618696742.pngDaveRukamp_8-1717618709506.png

 

1 REPLY 1

DaveRukamp
New Contributor

Anyone have any ideas?