MacOS 10.12 wifi using Active Directory and FileVault
09-19-2017 08:23 AM
We've been putting our Macs in our domain for some time now. We use LoginWindow/System auth against our CPPM which does both machine and user auth using PEAP. Recently (I'll have to determine exactly when) the authentication events have changed.
It used to be that I could watch the machine auth in CPPM when it hit the network and then the user auth once the user logged in. Now I only see the machine auth. Even though the user logs in to the machine, I never see that auth in CPPM and, consequently, they never recieve the correct network enforcement profile from CPPM.
We have also recently started using filevault for ecryption. I cannot say for sure if this has happened as a result of using FV or perhaps a MacOS update.
Is anyone else using a similar setup? Have you noticed similar issues?
The College of Wooster
Re: MacOS 10.12 wifi using Active Directory and FileVault
09-19-2017 08:43 AM - edited 09-19-2017 08:43 AM
Sorry, I do not have an answer. We are currently using user-only PEAP authentication for MacOS.
I tested login (machine & user) authentication earlier this summer but had a issue theat if a user entered an incorrect password, MacOS would still keep trying the bad password while prompting for a password. In our environment, this behavior locks the user's AD account.
Bruce Osborne - Wireless Engineer
All opinions written here are my own and do not necessarily reflect the views and opinions of my employer or Aruba Networks