locked
Inventory Apple and Linux machines RRS feed

  • Question

  • I'm looking to configure SCCM 2012 to inventory Apple and Linux devices. I know with Apple devices the communication can only happen through a certificate, no client. Can we issue a certificate from a Microsoft CA to communicate with these devices if they are not in AD? Looking for best practices to make this work.

    Thanks

    Tuesday, April 12, 2016 3:23 PM

Answers

All replies

  • How to Install Clients on Mac Computers in Configuration Manager

    Before you install the Configuration Manager client on a Mac computer, decide how to install the client certificate:

    • Use Configuration Manager enrollment by using the CMEnroll tool and follow the steps in the next section of this topic. The enrollment process does not support automatic certificate renewal so you must re-enroll Mac computers before the installed certificate expires.

    • Use a certificate request and installation method that is independent from Configuration Manager. For this installation method, see the Use a Certificate Request and Installation Method that is Independent from Configuration Manager section in this topic.

    Tuesday, April 12, 2016 3:38 PM
  • Ok, I don't know that answers my question. It wasn't about how to install a certificate. It was whether we can use a Microsoft CA to install the certificate to an Apple and Linux machine or do we need to use a public certificate authority.
    Tuesday, April 12, 2016 5:20 PM
  • A certificate is a certificate is a certificate. The source doesn't actually matter. To be useable the cert needs to be trusted, but that is just a matter of installing the cert for the root CA and issuing CA (as applicable).

    To directly answer the question, yes, absolutely, a cert generated by a Microsoft CA can be installed on either an Apple or a Linux system.


    Jason | http://blog.configmgrftw.com | @jasonsandys

    Tuesday, April 12, 2016 5:42 PM
  • Ok, I guess that answers my question... the client has to be able to communicate with the authority but that would depend on the configuration of the CA. Thanks
    Tuesday, April 12, 2016 5:49 PM