Join Domain - request AD computer cert - no MAC Server!

I'm also having this issue. We're trying to manage our Macs using SCCM 2012 SP1, but can't get the Macs to work properly with the Certificate request page. Did you ever find a fix for this?

Apple has a page with some white papers which may be helpful here:

http://training.apple.com/osx

In particular, the best practices for integrating with AD (which references the Kbase you linked to):

http://training.apple.com/pdf/wp_integrating_active_directory_ml.pdf

And the 802.1X authentication white paper:

http://training.apple.com/pdf/WP_8021X_Authentication.pdf

Which includes sample profiles for integrating 802.1X with an AD CA.

Here is what I found helpful:

802.1x EAP-TLS Machine Authentication in Mt. Lion with AD Certificates

http://www.afp548.com/2012/11/20/802-1x-eaptls-machine-auth-mtlion-adcerts/

How to request a certificate from a Microsoft Certificate Authority using DCE/RPC and the Active Directory Certificate profile payload:

http://support.apple.com/kb/HT5357

I tripped up here becase my CA was named differently than the computer name. If you open a command prompt on the windows CA and type the command certutil –cainfoyou should see several peices of information that will make filling out The name of the CA straight forward. You should use the Sanitized CA short name (DS name) for The name of the CA:

and certutil –cainfowill clearly show you that value.

One other thing to pay close attension to is you should use the Template name and not the Template display name for the Certificate Template field. These can be different (see below).

Good luck!

Also, when the MAC is trying to join an enterprise wireless 802.1x network the only way you can get wireless configured is to use a profile that is either pushed from a Mac Server using Profile Manager, or a profile that is built and mailed to you by an administrator.