Subject’s a mouthful eh? Basically, I needed for my 10.7 Macs to authenticate to our RADIUS wireless network using PEAP authentication & the Mac’s Certificate from our domain.
Below are the steps taken.
The Macs need to be bound to AD and managed by Jamf.
With these items covered, the below can be attempted.
- Follow this Apple KB article to get the Mac Client to request a certificate from our Domain. upload this & deploy toyour 10.7 clients as a Computer Level profile.
- Next create a new Computer Level Configuration Profile in our JSS with our Wireless Networks SSID & certificates.Under Protocols, tick PEAP, Directory Authentication & in the Username field enter “$COMPUTERNAME” (as below)
The Mac client should now authenticate as itself to the RADIUS server using it’s certificate from AD.