Using Config Profile to connect Mac automatically to WiFi that uses AD credentials

We do this with Configuration Profiles. The trick (depending on your environment, of course) is that you might need an account (a User) set up in AD for the profile to first connect to. Then the user authenticates as a second step at the login screen of the Mac. Without this initiator account, many times the user will not be able to access AD over a wireless connection. We create our connection accounts by room, but you could create them by any subgroup you wanted. You wouldn't want to make them too large.

Also, your AD might have higher availability than ours, but I don't think our setup is that unusual.

The settings of the Profile are pretty straightforward. The sections required were General, Network and Login Window.

There is an option to use directory information entered at the login window as authentication for the wireless network. It's a checkbox in the config profile. In practise I've always found it to cause very slow logons but it could be worth trying in your environment.

Yes, we see slowness too. But at least these approaches let an AD user log in without having to plug to Ethernet. It depends on how your AD is set up, access-wise.

@smitty1923 For the record, are the Macs on domain? If not, then the above suggestions are kind of useless to you. I've had no issues setting up WiFi on domain bound machines, but I've had nothing but issues with non-domain Macs. The latter make up the majority of my environment.

Thank you all for the suggestions! @McAwesome , yes they are on the domain. They're all bound to AD during the initial setup process. But we're trying to setup a new profile to go to machines that have been bound for some time. Not sure if that makes a difference.