No announcement yet.

Macintosh 802.1x wired integration

  • Filter
  • Time
  • Show
Clear All
new posts

  • Macintosh 802.1x wired integration

    As we move forward and upgrade out network hardware, security has been a major priority. We are getting rid of old managed switches and installing a line of 802.1x enabled switches allowing computer as well as end user authentication to happen really well....for our windows machines

    The kicker here is that about 40% of our computers are Macintosh running various flavours of OS X (10.3 through 10.5) (we are a public school board)

    I would really like these units to use the 802.1x through windows IAS (integrated with Active Directory) and certificates, and work as well as our windows machines.

    We have tested using the built in AD config within OSX as well as other after market products which integrate the Mac with AD. (Admit Mac and MacAdmin) So far nothing has worked well. We can get the end user to enter Internet Connect within the Mac and enter their credentials a second time once they are logged into a local account but double login is not an option around here. We have tried unsuccessfully to force the 802.1x credentials out to the login window as written in the Mac help text but this has not worked as we wish either.

    Has anyone been successful in integrating the Mac running OSX into an 802.1x wired network using Windows IAS and certificates.

    Thanks for your assistance on this.

  • #2
    Re: Macintosh 802.1x wired integration

    AD integration doesn't work properly with 10.3.9. I've tried it soo many times and it just doesn't work. I'd start with trying to get opendirectory working with AD on 10.4.9. that should work fairly well.
    Leave 'reputation' when deserved :


    • #3
      Re: Macintosh 802.1x wired integration

      Thanks, and your right 10.3.9 does not work very well and it is only 10.4.6 and above where 802.1x is supposed to work and we have been fairly successful with the AD integration but it is the certificates and 802.1x that are causing us the grief. The Mac needs to present that certificate to the switch port at power up so that the switch port knows that the machine is part of the computers group within AD. This is where I believe the process is falling down.