Enable Machine Ethernet Profile


Computer Configuration > Policies > Centrify Settings > Mac OS X Settings > 802.1X Wireless Settings > Enable Machine Ethernet Profile


Enable this policy to create an 802.1X ethernet profile so users can authenticate to an 802.1X-protected network by using the specified machine certificate.

Note:   This group policy only supports macOS 10.15 and lower.

This policy supports the TLS protocol for certificate-based authentication for computers.

Before you can enable this policy, you must have a Windows server configured for 802.1X wireless authentication. The configuration includes certificate templates that are configured for auto-enrollment of domain computers and automatically downloaded to Mac computers when they join the domain. See Configuring 802.1X wireless authentication for details about what you must configure before enabling the current policy.

After enabling this policy, set the following:

  • Template Name: Type the name of the auto-enrollment machine certificate that has been pushed down from the Windows domain server.

    When pushed to a Mac computer, certificate names are prepended with auto_; for example:


This group policy runs a script that looks for the specified certificate template in the /var/centrify/net/certs directory (which contains the certificate templates pushed down from the domain controller) and creates an Ethernet profile from this certificate.

Once enabled, this policy takes effect dynamically at the next group policy refresh interval.