We are running WLC 4.1 as well as ACS 4.1 in a Microsoft Active Directory environment and want to implement EAP-TLS. Is it possible to use both machine and user certificates so that the machine connects wirelessly before the user logs on? We'd like it so the user doesn't have to logon with cached credentials. As well we'd like to be able to manage the machines with SMS when the user isn't logged on.
