05-17-2021 06:51 AM
Hello.
I know there's been plenty of topics regarding Windows based 802.1X computer authentication but none of them seem to provide an explanation for MacOS.
I'm familiar with how 'user authentication' works on MacOS but struggling to understand the 'computer authentication' The requirement is to ONLY use 'computer authentication' with 802.1X so, if a user has a company issued/domain joined MacBook the access should be granted.
With PEAP-MSCHAPv2 which computer credentials are exchanged between the client and ISE? The username would be the computer name (which exists in AD) but what about the password? My understanding is that PEAP requires username AND a password.
At the moment the authentication works as expected but I'm struggling to understand the password MacBook sends out to ISE.
Example: If the name of the computer is domain\EX1234 then ISE log shows this as the 'username'
Windows-10 - I understand that when a Windows based computer joins AD, a password is automatically created and being used with PEAP.
Thank you.
Solved! Go to Solution.
05-18-2021 01:55 AM
Never mind, I managed to figure out. I can see the password is saved in Active Directory. It seems MacOS behaves the same way as Windows.
05-18-2021 01:55 AM
Never mind, I managed to figure out. I can see the password is saved in Active Directory. It seems MacOS behaves the same way as Windows.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: