none
802.1x EAP-TLS user certificate via auto enrollment RRS feed

  • שאלה

  • Hello, I can find many examples of 802.1x EAP-TLS authentication with NPS via 'Machine' certificate auto enrollment, but nothing for 'User' certificates.

    Is it possible to do this by creating an auto enrollment 'User' certificate template, then creating an NPS policy to authenticate the email field of the user certificate against a specified user group ?

    The 802.1x supplicant on the end computer would be configured to authenticate via 802.1x EAP-TLS 'user authentication.

    Thank you.


    • נערך על-ידי macattacker123 יום חמישי 14 נובמבר 2019 01:29
    יום רביעי 13 נובמבר 2019 05:49

כל התגובות

  • Hi,

    >>Is it possible to do this by creating an auto enrollment 'User' certificate template, then creating an NPS policy to authenticate the email field of the user certificate against a specified user group?

    Based on my knowledge, it is theoretically possible.

    Hope this can help you, if you have anything unclear, please let me know.

    Have a nice day!

    Ellen


    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact 
    tnmff@microsoft.com.





    יום חמישי 14 נובמבר 2019 08:14
  • Thank you. Are you aware of any guides about how to make a local Windows 10 802.1x EAP-TLS wifi profile connect by using 'user' certificate rather than a 'machine' certificate ?

    i.e. to use a certificate from the 'Current User' certificate store, rather than the 'Local computer' certificate store.

    Thank you kindly.

    יום שני 18 נובמבר 2019 02:40