Hi
I don't know if there are any specific documentation for how to implement this on MacOS, but I have implemented the same function on Windows based on the ClearPass and Intune integration documents on ASP, https://asp.arubanetworks.com/downloads;search=intune;products=Aruba%20ClearPass%20Policy%20Manager%20%28CPPM%29
One of my customers where we first implemented the Windows settings in Intune later implemented the same for MacOS on thier own. So I suppose you can work with this document as a guide as the concept is the same for both Mac and Windows. Just a few smaller differences in the settings.
------------------------------
Best Regards
Jonas Hammarbäck
MVP 2023, ACCX #1335, ACX-Network Security, Aruba SME, ACMP, ACDP , ACEP, ACSA
Aranya AB
If you find my answer useful, consider giving kudos and/or mark as solution
------------------------------
Original Message:
Sent: Sep 15, 2023 11:58 AM
From: PD28
Subject: MacBook with Microsoft CA server Certificate Based Authentication
Hi Jonas,
Thanks for your reply. I am fine even just with EAP-TLS (machine or user cert) with MacOS. What I wanted to know any document or reference how to distribute certificate and profile to MacBook, we have Intune as MDM.
Regards,
Original Message:
Sent: Sep 15, 2023 09:50 AM
From: jonas.hammarback
Subject: MacBook with Microsoft CA server Certificate Based Authentication
Hi
I'm not sure if it's possible to get both machine and user authentication with MacBooks. I think they only perform user authentication and doesn't have the concept of machine authentication as the Windows computer. TEAP is not supported on MAC OS, so you have to run EAP-TLS.
To distribute certificates you need to have a CA with SCEP and manage the computers in a MDM tool like JAMF or Intune. In the MDM tool configure a SCEP profile to get the machine to request a certificate and the needed wired/wireless 802.1x profiles utilizing the certificate.
------------------------------
Best Regards
Jonas Hammarbäck
MVP 2023, ACCX #1335, ACX-Network Security, Aruba SME, ACMP, ACDP , ACEP, ACSA
Aranya AB
If you find my answer useful, consider giving kudos and/or mark as solution
Original Message:
Sent: Sep 14, 2023 11:44 AM
From: PD28
Subject: MacBook with Microsoft CA server Certificate Based Authentication
Hi,
We have successfully deployed EAP-TEAP with Windows machine (Wired so far) and would like to deploy the same on MacBook as well (if not TEAP, then at least machine/user certificate based). Appreciate can someone please provide any documents or guidance for deploying Microsoft certificates to MacBook to use for 802.1x wired and wireless.
Thank you