AD Machine Accounts and 802.1x

[mhoback]

Is there any way to get OS X 10.5 or 10.6 to use the machine account (either AD or OD) instead of the user account for 802.1x RADIUS authentication? I have a MS IAS RADIUS server set up, and all the Windows clients use their machine account in AD to authenticate against, so they are already connected to the WAP before the user logs in. On the OS X clients, I have not seen any way to do this. It seems to only be able to use the AD user account to authenticate. Am I missing something?

[hotmop]

From what I’ve read, this is most often done using machine certificates.

Now getting a Mac to get a machine certificate from the MS CA is no easy trick. It’s the part I’m trying to figure out now.

https://www.afp548.com/article.php?story=20081231001749966

[freepms]

Perhaps you could use a login-window 802.1X profile? They’ve been very useful to me. http://support.apple.com/kb/ht3326

[Author]

Posts