Wireless Access

We use freeradius and AD for eduroam with a mac-auth fall-back that presently works seamlesly on our wired ports through the switched estate. I want to be able to replicate this in Wi-Fi for devices that are incapable of doing 802.1x but without creating another SSID. Essentially I want devices to be authorised over Wi-Fi using the eduroam SSID only, is this possible and if so how?

This is not possible with 802.1X networks. You would need to connect these devices to your open/PSK networks.

I know of institutions and businesses that are moving towards a single SSID for all device types and users based on a 802.1x network. How will they get around this inevitability if the controller cannot meet these business policies and objectives?

Perhaps it's slightly more complicated with Wi-Fi where the SSID only exists in one state whereas a switch has capability for 3-4 states so far as 802.1x is concerned but still...

I don't know of anyone authenticating consumer, non-1X devices on a 1X network.

It is not feasible to go down to a single 802.1X SSID. You will always need one 802.1X network and one open/PSK network if you plan to support guests and "dumb" devices.

Most will adjust their "business policies and objectives" to prevent consumer crap from being allowed to use wifi, I believe.  Even were 11u to allow a mixed 1x/PSK environment, if the device can't do 1x, the odds of it doing 11u are pretty bleak, and if you allow a device to talk open, then everything that talks to it is talking in the clear.