Security

mthiel · ‎03-31-2015

Is there a way to have a Wired Mac OSX (Yosemite) machine to utilize 802.1x EAP-TLS authentication and have it authenticate to the network on bootup with no user intervention? We have successfully been able to get a machine certificate pushed to the Mac (via Casper JAMF), but it requires the user to choose the certificate on Login. My goal is have the Mac authenticated to the network port prior to the user attempting to login, so that first time users are able to login via Active Directory BIND. Without the port being successfully 802.1x authenticated, it prevents a first time user form logging into the Mac that is bound to AD.

My goal is to make it as seemless as a Machine Authenticate of a windows PC to AD.

Can anyone point me to technotes or write ups on how to do this?

Thanks ahead of time.

cappalli · ‎03-31-2015

I've only been able to get AD login to work using single-sign on with a login window profile.

Thanks,
Tim

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.

mthiel · ‎03-31-2015

Thanks for the reply Tim.

Is it possible to have a Mac use EAP-TLS to authenticate to the wired network without user intervention?

Security

Mac OSX - Wired 802.1x EAP-TLS Machine Certificate Authentication

Re: Mac OSX - Wired 802.1x EAP-TLS Machine Certificate Authentication

Re: Mac OSX - Wired 802.1x EAP-TLS Machine Certificate Authentication

Amigopod Operator Login assignment using VSAs?

Clearpass evaluation

Bonjour (AirPlay) by device location with CP

Backup CPPM

Can't see IOS Onboard device

Amigopod Operator Login assignment using VSAs?

Re: Server Rules and logical expressions

Re: Using Clearpass with EOL hardware.

Re: Restricting who can onboard a device in ClearPass

Re: ClearPass Policy Manager 5.0.1.38855 upgrade to 5.1.1

Deploying BYOD: Onboarding, Provisioning, Policy, Reporting

WLAN Security Fundamentals

[AirheadsConf LV 2013 Breakout] Networks - Mobility Access Switch Security Architecture

[VIDEO] Captive Portal Authentication with Aruba Instant and ClearPass

[VIDEO] 802.1X Authentication with Aruba Instant and ClearPass

Aruba Instant 6.4.2.6-4.1.1.11 Released 11/27/2015

Aruba Instant 6.4.2.6-4.1.1.10 Released 9/28/15

Remote AP Networks

Lync Over Aruba WiFi

AOS and CPPM – Dot1x Authentication and integration

ClearPass 6.4.0 Release Notes

Very High Density 802.11ac Networks Validated Reference Design

Security

Mac OSX - Wired 802.1x EAP-TLS Machine Certificate Authentication

Re: Mac OSX - Wired 802.1x EAP-TLS Machine Certificate Authentication

Re: Mac OSX - Wired 802.1x EAP-TLS Machine Certificate Authentication

Follow Us