Configure Computer Certificate Autoenrollment http://technet.microsoft.com/en-us/library/cc732311(WS.10).aspx
<http://technet.microsoft.com/en-us/library/cc732311(WS.10).aspx>Fairly simple to setup - aside from getting your PKI infrastructure in place correctly. <http://technet.microsoft.com/en-us/library/cc732311(WS.10).aspx>Jeff Steward On Fri, Aug 20, 2010 at 10:06 AM, Kelsey, John <[email protected]> wrote: > I’m still striking out on making this work. I’m probably making it > harder than what it is. > > > > I have mostly domain computers that need to authenticate by machine. Do I > need to create a machine certificate for each individual machine? Then map > that same cert to the computer AD account? > > > > *From:* Malcolm Reitz [mailto:[email protected]] > *Sent:* Monday, August 02, 2010 11:12 AM > *To:* NT System Admin Issues > *Subject:* RE: Wireless Machine Authentication > > > > We used the machine AD credentials, as that is the path of least > resistance. It is a pretty simple GPO configuration to set it all up, too. > > > > -Malcolm > > > > *From:* Ken Schaefer [mailto:[email protected]] > *Sent:* Monday, August 02, 2010 10:03 > *To:* NT System Admin Issues > *Subject:* RE: Wireless Machine Authentication > > > > You can either use machine certs or machine credentials (against AD, if the > machines have credentials in AD…) > > > > Cheers > > Ken > > > > *From:* Kelsey, John [mailto:[email protected]] > *Sent:* Friday, 30 July 2010 10:36 PM > *To:* NT System Admin Issues > *Subject:* FW: Wireless Machine Authentication > > > > All Cisco LWAP access points using a 5508 wireless controller. We have > PEAP set up so users can authenticate on the wireless network using their AD > login…peachy. > > > > BUT…we have some machines that need to authenticate on the wireless * > before* the user logs on (so they get can group policies and such). I > thought we could just provide a generic credential and it would work but no > such luck. How the heck do you make this work? The workstations are XP SP3 > with intel wireless cards. > > > > > > > > > > > This email and any files transmitted with it are confidential and intended > solely for the use of the individual or entity to whom they are addressed. > If you have received this email in error please notify the system manager. > This message contains confidential information and is intended only for the > individual named. If you are not the named addressee you should not > disseminate, distribute or copy this e-mail. > > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
