Authenticating 10.7 Macs To A RADIUS Server With Certificate Enabled PEAP Authentication

Standard

Subject’s a mouthful eh? Basically, I needed for my 10.7 Macs to authenticate to our RADIUS wireless network using PEAP authentication & the Mac’s Certficate from our domain.

Here’s the steps I took:

  1. I followed this Apple KB article to get the Mac Client to request a certificate from our Domain. I then uploaded this & deployed to my 10.7 clients as a Computer Level profile.
  2. Next I created a new Computer Level Configuration Profile in our JSS with our Wireless Networks SSID & certificates.Under Protocols, tick PEAP, Directory Authentication & in the Username field enter “$COMPUTERNAME,” (as below, click to enlarge).

The Mac client should now authenticate as itself to the RADIUS server using it’s certificate from AD.

One thought on “Authenticating 10.7 Macs To A RADIUS Server With Certificate Enabled PEAP Authentication

  1. brandon

    Can this work without JSS? I’ve configured peap-eap with a godaddy certificate for machine authentication and can’t get our macs that are not joined to the domain connected to the wireless.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.