Jamf Nation Community

m_higgins · ‎01-19-2017

So the issue is this. We bind the iMacs to our AD server. Users can log in perfectly on Ethernet but will not authenticate on Wireless.

Am I missing something here?

crmanski · ‎01-19-2017

Two things come to mind. 1. When you are connected to the wireless are you using the same DNS as Ethernet? Is the domain name resolvable?
2. When on the wireless can you contact all of the AD servers?

m_higgins · ‎01-19-2017

@crmanski

All DNS servers are the same on both
I am able to ping both AD servers just fine

ImAMacGuy · ‎01-19-2017

Sounds like you're not creating a mobile account at login. check the users & groups in system preferences, you should see mobile listed under their name.

If you're referring to a first time login (freshly imaged system), are you using a wireless profile? could be something not setup properly with that, check your certs, ensure use as a login window configuration is selected, and use directory authentication.

rqomsiya · ‎01-19-2017

Hi @m.higgins,

Are you using a radius server to issue certs? Does your Wi-Fi config profile include the needed certs? We're working through the same issue here.

m_higgins · ‎01-20-2017

Hi @rqomsiya

We aren't using a radius server but I am in the process of setting one up. Although with zero radius knowledge it is not as straightforward as I had hoped

ebbinghoff · ‎03-06-2017

Hi @m.higgens
We are using radius and found that we needed to push out two configurations, the wifi certificate via Configuration Profile as well as a Network configuration that was populated with a service account to get our shared Cart laptops onto the WiFi and available for any AD user log in.

Jamf Nation Community

Wireless Computers Bound to AD Authentication