11-30-2016 05:23 PM
I have a challenge associated with how to deploy a machine based wireless profile to a shared Windows device to connect to a wireless network. Authentication for these types of devices is using a certificate (machine authentication is not possible due to the AD configuration and the associated trusts). Ultimately I am chasing whether windows native commands can be used to provision a certificate using the ISE SCEP URL. I am running ISE 2.1 with patch 2.
Whilst I have the client provisioning process within ISE functioning, this is only applicable to user specific devices where ISE will deploy a user profile to a device. If ISE could provision a machine based profile this issue would not exist.
I have existing batch files and processes available for provisioning a certificate from a Microsoft CA, but the interaction with the ISE SCEP process is where I am getting unstuck. Any assistance with how to provision a certificate from ISE' CA to a windows device would be appreciated.
The big issue here is the ability to connect a Windows (or Mac) device to a wireless network to facilitate user authentication to an Active Directory domain.
Solved! Go to Solution.
12-01-2016 01:26 PM
ISE BYOD is limited to user profiles for Windows.
12-01-2016 01:26 PM
ISE BYOD is limited to user profiles for Windows.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: