Enable User Ethernet Profile

Path

Computer Configuration > Policies > Centrify Settings > Mac OS X Settings > 802.1X Wireless Settings > Enable User Ethernet Profile

Description

Enable this policy to create an 802.1X ethernet profile so users can authenticate to an 802.1X-protected network by using the specified user certificate.

Note:   This group policy only supports macOS 10.15 and lower.

This policy supports the TLS protocol for certificate-based authentication for users.

By default, the auto-enrolled user certificates are pushed down to ~/.centrify/autouser_(name).{cert.key.chain}. Certificates are also imported into each user’s login keychain.

Before you can enable this policy, you must have a Windows server configured for 802.1X wireless authentication. The configuration includes certificate templates that are configured for auto-enrollment of domain computers and automatically downloaded to Mac computers when they join the domain. See Configuring 802.1X wireless authentication for details about what you must configure before enabling the current policy.

Users must perform these steps after login to authenticate to the network as the user:

  1. Select System Preferences > Network > Ethernet.
  2. If there are any pre-existing 802.1X connections, click Disconnect to disconnect the pre-existing connections. For example, if a machine 802.1X Ethernet policy has been set, the computer will already be authenticated using the machine credential.
  3. Click Connect. This action prompts the user with a list of available user identities in certificate-key pair format.
  4. Choose the appropriate auto-enrolled user identity.