Hi.
I'm trying to set up an 802.x environment using NPS in a test situation for a larger deployment later on. I have gotten both wired and wireless authentication using EAP-TLS working on both Windows and OS X clients. But I'm having quite a difficult time getting handheld iOS-based devices working. The devices are managed in an MDM solution and I have been able to populate the devices with the internal CA certificate, and also had success getting devices to request a certificate using SCEP/NDES.
I have read a few guides surrounding this, but I'm not quite sure how one can make this work. I would like to avoid having the user enter a username and password on the device, and I don't want to have to manually register/"user map" for every user (1000+ devices).
Is it possible to have the devices authenticate using only the certificate acquired from the internal CA?
Any other suggestions on how this could be solved?
Best regards,
Johan Christensson