I want to perform 802.1x user authentication together with Machine Authentication using Client Certificates. The problem is with Machines that are not in AD. Our policy allow users to bring their own devices as long as they comply to our posture policies. They can have full network access. How do I use certificates to authenticate non domain computers? User authentication will continue to be AD credentials even for non AD computers. We have our internal CA server that we use to generate manually client certificates for these non domain computers.