Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: jeffreykusters
jeffreykusters Author
User level: Level 1
0 points

Connecting iPads to an Enterprise Wireless 802.1x (EAP-TLS) Network Using Windows Server 2003 IAS

Hi there,


I am asked to deploy iPads on an 802.1x EAP-TLS WiFi network. The customer has a Windows Server 2003 IAS server providing RADIUS. There also is a Windows based CA infrastructure in place. This solution is in production and is already being used by other wireless devices. Could someone please highlight the configuration steps for the iPad deployment? The customer whishes to automate the initial deployment and the renewal of the certificates. I have a basic understanding of 802.1x, RADIUS, Certificates etc. in a Windows infrastructure but I am new to enterprise deployment of iPads. There is no MDM tool in place by the way...


I did find a Microsoft article which I think describes what needs to be done: http://blogs.technet.com/b/pki/archive/2012/02/27/ndes-and-ipads.aspx. This article basically states the following steps:


1. Create a placeholder computer account in Active Directory Domain Services (AD DS)

2. Configure a Service Principal Name (SPN) for the new computer object.

3. Enroll a computer certificate passing the FQDN of the placeholder computer object as a Subject Name, using Web Enrollment Pages or Certificates MMC snap-in directly from the computer (Skip step 4 if you are using the Certificates MMC snap-in)

4. Export the certificate created for the non-domain joined machine and install it.

5. Associate the newly created certificate to the placeholder AD DS domain computer account manually created through Name Mappings


The article then elaborates on specific steps needed for the iPad because it treats all certificates as user certificates. Can someone confirm this behavior??


Regards,


Jeffrey

Posted on Jan 9, 2013 1:20 AM

Reply
2 replies
User profile for user: rccharles
rccharles
User level: Level 6
12,957 points

May 7, 2013 11:05 AM in response to fnoldor

Use VPP. Select an MDM. Read the google doc below.



IT Resources -- ios & OS X -- This is a fantastic web page. I like the education site over the business site.

View documentation, video tutorials, and web pages to help IT professionals develop and deploy education solutions.

http://www.apple.com/education/resources/information-technology.html


business site is:

http://www.apple.com/lae/ipad/business/resources/


Excellent guide. See announcment post -- https://discussions.apple.com/thread/4256735?tstart=0

https://docs.google.com/document/d/1SMBgyzONxcx6_FswgkW9XYLpA4oCt_2y1uw9ceMZ9F4/ edit?pli=1


good tips for initial deployment:

https://discussions.apple.com/thread/4111203?answerId=18942350022#18942350022

https://discussions.apple.com/thread/3804209?tstart=0

Reply

Connecting iPads to an Enterprise Wireless 802.1x (EAP-TLS) Network Using Windows Server 2003 IAS

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.
Learn more Sign up