I want to make sure I'm not missing something. I need to identify and only allow domain devices on a wireless network. The only real way I can make this happen with 99.99% certainty is via:
Certificates (EAP-TLS)
MDM (Mobile and Laptops)
Agent (inspect the reg for example for domain info)
Am I missing any other way ?