Wireless Auth

New Contributor III

Hi everyone,

I'm curious what people are using for wireless authentication in their environments, particularly in K-12 with a mix of 1:1, shared, and BYOD devices. Does your wireless auth mechanism work well on your Macs? iPads?




New Contributor III

I just noticed this related post: https://jamfnation.jamfsoftware.com/discussion.html?id=13060. I suppose my question is less about hardware and more about authentication method though... Sorry if this seems like a duplicate!

New Contributor

802.1x certificate authentication. Macs are joined to Active Directory and get a machine certificate through Active Directory Certificate Services. Requires Mountain Lion and higher. Works for Wi-Fi and Ethernet and the network is available at the logon screen so network accounts are able to log in.

Mobile devices BYOD and are enrolled in MaaS360. MaaS360 access Active Directory Certificate Services using NDES/SCEP and pushes a user certificate to the device. The user is logged into Wi-Fi and Exchange with that cert. No saved user/pass on the device, so no more account lockouts when users change their Active Directory passwords.

Both configurations can be done in Casper. We opted for MaaS360 for the mobile devices as we have staff with Android and Windows phones in addition to iOS and we wanted a secure container solution for email instead of using the native email client on the device. This allows us to remove MaaS360 control and any corporate data without having to do a full wipe of the employee owned device.