Posted on 07-10-2019 12:59 PM
Hi All,
Can we use Jamf Pro to do computer authentication (PEAP) with ISE using Active Directory for Macintosh Endpoints? Is there any KB or article to perform this?
Thanks,
Aravind.
Posted on 07-10-2019 02:41 PM
Hi Aravind,
These might be helpful:
OS X Mavericks: Using advanced Active Directory options in a configuration profile
https://support.apple.com/en-us/HT202834
Working for Apples: A Windows Administrator's Guide to Serving Macs
http://www.peachpit.com/articles/article.aspx?p=430214&seqNum=2
Best Practices for Integrating OS X with Active Directory
http://www.enpointe.com/images/pdf/Integrating-OS-X-with-Active-Directory.pdf
Chris
Posted on 07-11-2019 08:07 AM
Hi Chris,
Thank you for your response. Can you please provide an article on how to push a network config profile to Macs to do PEAP computer authentication using JAMF? I could not find any articles. This PDF, http://www.enpointe.com/images/pdf/Integrating-OS-X-with-Active-Directory.pdf, says that there is a way to do this using JAMF software.
Thanks and Regards,
Aravind Ravikumar.
Posted on 07-12-2019 12:19 AM
Yes, this can be done. Where it can get complicated is if you need to use per-computer certificates (complicated), or a single certificate (easier). If you have a .PFX file, you can upload it into a "Certificate" payload in a Configuration Profile (set to Computer scoping), then configure the Network payload with the TLS Protocol, and select the Certificate uploaded in the Identity Certificate selection.
If you need per-computer certificates, it is a bit more complicated as you need to configure the AD Certificate payload, and set the Username to $COMPUTERNAME (err, something like that).
Please use the search here in JN; there are other posts about how to do this that explain it in more of a step-by-step process.
Posted on 07-12-2019 12:21 AM
https://www.jamf.com/jamf-nation/discussions/27058/eap-tls-certificate-based-wifi-authentication#responseChild160581 for one example.
Posted on 07-16-2019 09:11 AM
Hi, I agree with @KSchroeder; this is exactly what we have done, with a single certificate.
Mac devices are bound to AD and the AD object is added to a Wireless security group that is part of our RADIUS setup.
Then in Jamf, create a wireless profile, specify the SSID and use computer-based authentication, specifying PEAP / TLS etc., making sure that WPA2 Enterprise, or Enterprise ANY is used. Then specify your uploaded certificate, scope it out and you should be good to go.
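
An added example, not part of any post in this thread: a Python check that an exported .mobileconfig contains the pieces described above (SSID, WPA2 or Any encryption, PEAP or TLS accepted, an identity certificate payload referenced, computer-level setup). It assumes Apple's documented Wi-Fi payload key names; the function names, SSID and UUIDs are constructed for illustration.

```python
import plistlib

WIFI = "com.apple.wifi.managed"
# Payload types that can supply the identity: uploaded .PFX or AD Certificate.
IDENTITY_TYPES = {"com.apple.security.pkcs12", "com.apple.ADCertificate.managed"}
EAP_TLS, EAP_PEAP = 13, 25  # EAP method numbers used in AcceptEAPTypes

def audit_wifi_profile(raw):
    """Return a list of findings; an empty list means the profile matches."""
    payloads = plistlib.loads(raw).get("PayloadContent", [])
    identities = {p["PayloadUUID"] for p in payloads
                  if p.get("PayloadType") in IDENTITY_TYPES and "PayloadUUID" in p}
    findings = []
    for p in payloads:
        if p.get("PayloadType") != WIFI:
            continue
        ssid = p.get("SSID_STR", "<no SSID>")
        eap = p.get("EAPClientConfiguration") or {}
        if p.get("EncryptionType") not in ("WPA2", "Any"):
            findings.append(f"{ssid}: EncryptionType is not WPA2 or Any")
        if not {EAP_TLS, EAP_PEAP} & set(eap.get("AcceptEAPTypes", [])):
            findings.append(f"{ssid}: neither TLS (13) nor PEAP (25) is accepted")
        if p.get("PayloadCertificateUUID") not in identities:
            findings.append(f"{ssid}: no identity certificate payload is referenced")
        if "System" not in p.get("SetupModes", []):
            findings.append(f"{ssid}: not a computer-level (System) configuration")
    return findings

def sample_profile(**wifi_overrides):
    """Constructed sample profile: one PKCS#12 payload plus one Wi-Fi payload."""
    cert_uuid = "11111111-2222-3333-4444-555555555555"  # constructed value
    cert = {"PayloadType": "com.apple.security.pkcs12",
            "PayloadUUID": cert_uuid,
            "PayloadContent": b"constructed placeholder, not a real PFX"}
    wifi = {"PayloadType": WIFI,
            "PayloadUUID": "66666666-7777-8888-9999-000000000000",  # constructed
            "SSID_STR": "Corp-WiFi",  # constructed SSID
            "EncryptionType": "WPA2",
            "SetupModes": ["System"],
            "PayloadCertificateUUID": cert_uuid,
            "EAPClientConfiguration": {"AcceptEAPTypes": [EAP_TLS]}}
    wifi.update(wifi_overrides)
    return plistlib.dumps({"PayloadType": "Configuration",
                           "PayloadContent": [cert, wifi]})

if __name__ == "__main__":
    for line in audit_wifi_profile(sample_profile(EncryptionType="WPA")):
        print(line)
```

To check a real profile, pass the bytes of an unsigned .mobileconfig file to `audit_wifi_profile`; a signed profile has to be unwrapped to its plist first.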