locked
Getting non Windows Domain devices (Windows 7 non domain laptop/iPads) to request a certificate from our NPS/CA server RRS feed

  • Question

  • We have a Server 2012 R2 NPS server setup using certificate authentication.

    Currently, I've got it working so domain computers auto-enrol to our CA server. Each client enrolls and gets a cert, this then shows up an an issued certificate on the CA.

    I'm struggling to find a way to get iPads and non domain windows PCs to request a certificate from our CA. Since the CA allows domain computers to request a certificate - I can't see how a non domain pc or a non windows device could work with this system.

    Any suggestions would be greatly appreciated!

    Thanks!

    DG

    Wednesday, October 5, 2016 10:14 AM

Answers

All replies

  • Hi,

    >>I'm struggling to find a way to get iPads and non domain windows PCs to request a certificate from our CA.

    Please check this link:

    Connecting iPads to an Enterprise Wireless 802.1x Network Using Certificates and Network Device Enrollment Services (NDES)

    https://blogs.technet.microsoft.com/pki/2012/02/27/connecting-ipads-to-an-enterprise-wireless-802-1x-network-using-certificates-and-network-device-enrollment-services-ndes/


    Best Regards,
    Cartman
    Please remember to mark the replies as an answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Thursday, October 6, 2016 4:12 AM
  • Hi Cartman,

    Thank-you for your suggestion.

    I did look into this but it seemed a bit hacky! :) but it appears that it's the way forward! I'll post back here once I've had a chance to test this.

    Thanks,

    DG

    Friday, October 7, 2016 7:27 AM
  • Hi,

    I am checking to see if the problem has been resolved. If there's anything you'd like to know, don't hesitate to ask.


    Best Regards,
    Cartman
    Please remember to mark the replies as an answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Tuesday, October 11, 2016 8:12 AM
  • Hi Cartman,

    Apologies for the delayed reply.

    I gave this a go but in the end couldn't get it working.

    We've decided to bring up a second SSID and use it to do simple user authentication instead.

    Thanks for your time and help.

    DG

    Wednesday, October 19, 2016 6:28 PM