Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >
article

KB-7470: 802.1X for mobile devices

Centrify Identity Service, App Edition ,   Centrify Identity Service, App Plus ,  

21 September,16 at 08:18 PM

Applies to: Centrify Identity Service, App Edition and App Plus



Question:

How can administrators configure 802.1X Wireless authentication for mobile devices?



Answer:

In a large or smaller organization, administrators may want to implement 802.1X authentication for mobile devices. The mobile device will get a certificate from the CA in network that will allow it to connect to the Wi-Fi network. The following will need to be done:

 
1. To have the internal CA (Certification Authority) deliver the certificate to the device, administrator needs to make sure "Active Directory group policy" is being used instead of instead of "Cloud Policy Service" in the Centrify Cloud Manager, under Settings > Mobile > Device Policy Management.

2. Make sure the users are allowed to enroll devices: refer to our documentation.
Please note: These settings apply regardless of whether you use the Centrify cloud policy service or Active Directory group policies to manage device configuration policies:

3. Create the templates:
•     Computer-ClientAuth (workstation template)
•     User-ClientAuth (user template)
Please see following KB article: KB-4283: Creating templates to use certificates for authentication with cloud enrolled devices

4. Create the policy to enroll devices: refer to our documentation: Enabling the enrollment policy to use user and computer certificates

5. Create the policy and attached it to the OU the mobile devices will be in. Please note that the settings depend on how your environment is set:

User-added imageUser-added imageUser-added image

6. Enroll the phone (in this example, an iPhone was enrolled).

7. Check whether the certificate was delivered onto the device. Under Settings > General > Device Management > Centrify Cloud Service > More Details:

- The Wi-Fi profile and the certificate on the device:

User-added imageUser-added image


- The certificate generated by the Certificate Authority on the server:

User-added image

Still have questions? Click here to log a technical support case, or collaborate with your peers in Centrify's Online Community.