Hello...re-deploying 802.1x within a network with high security requirements. Fully functional PKI deployment is already out that issues both user and machine certificates. Also using Cisco NAM 4.5 as supplicant and ISE 2.2 as RADIUS server.

Setting up EAP-TLS for machine authentication is very easy to do. User authentication not so much. When setting up the new profile in Network Access Manager and I get to the "Credentials" tab of the network setup, I am prompted to "Use Single Sign On Credentials" or "Prompt for Credentials". We do not use Smart Cards so I cannot use the SSO Creds but I want to provide my end uses with the SSO experience and not have them have to select a certificate to use for authentication.

Any help would be appreciated.