-->
- Mac Os Connect To Microsoft Protected Eap Download
- Mac Os Connect To Microsoft Protected Eap Windows 10
- Mac Os Connect To Microsoft Protected Eap Windows 7
2020-2-13 L2TP with PEAP authentication from MacOS/iOS. Ask Question Asked 7 years, 5 months ago. I haven't found official confirmation that Mac OS X doesn't support PEAP-EAP-MSCHAPv2, but I can't get it to work either (Windows SBS 2003 R2 and L2TP-over-ESP with a Mac OS X 10.8 client here). (was Protected EAP PEAP/EAP-MSCHAPv2). Mac OS X. 10.8 and newer. While we only provide support for OS X version 10.8 or newer, you should be able to connect to Eduroam using older versions of OS X. Steps shown below may be different for older versions. Click the wireless icon in the menu bar.
You can create a profile with specific WiFi settings, and then deploy this profile to your macOS devices. Microsoft Intune offers many features, including authenticating to your network, adding a PKS or SCEP certificate, and more.
These Wi-Fi settings are separated in to two categories: Basic settings and Enterprise-level settings.
This article describes these settings.
Before you begin
Create a device profile.
Note
These settings are available for all enrollment types. For more information on the enrollment types, see macOS enrollment.
Basic profiles
- Wi-Fi type: Choose Basic.
- Network name: Enter a name for this Wi-Fi connection. This value is the name that users see when they browse the list of available connections on their device.
- SSID: Short for service set identifier. This property is the real name of the wireless network that devices connect to. However, users only see the network name you configured when they choose the connection. Can you run microsoft office on a mac.
- Connect automatically: Choose Enable to automatically connect to this network when the device is in range. Choose Disable to prevent devices from automatically connecting.
- Hidden network: Choose Enable to hide this network from the list of available networks on the device. The SSID isn't broadcasted. Choose Disable to show this network in the list of available networks on the device.
- Security type: Select the security protocol to authenticate to the Wi-Fi network. Your options:
- Open (no authentication): Only use this option if the network is unsecured.
- WPA/WPA2 - Personal: Enter the password in Pre-shared key. When your organization's network is set up or configured, a password or network key is also configured. Enter this password or network key for the PSK value.
- WEP
- Proxy settings: Your options:
- None: No proxy settings are configured.
- Manual: Enter the Proxy server address as an IP address, and its Port number.
- Automatic: Use a file to configure the proxy server. Enter the Proxy server URL (for example
http://proxy.contoso.com
) that contains the configuration file.
Enterprise profiles
- Wi-Fi type: Choose Enterprise.
- SSID: Short for service set identifier. This property is the real name of the wireless network that devices connect to. However, users only see the network name you configured when they choose the connection.
- Connect automatically: Choose Enable to automatically connect to this network when the device is in range. Choose Disable to prevent devices from automatically connecting.
- Hidden network: Choose Enable to hide this network from the list of available networks on the device. The SSID isn't broadcasted. Choose Disable to show this network in the list of available networks on the device.
- EAP type: Choose the Extensible Authentication Protocol (EAP) type used to authenticate secured wireless connections. Your options:
- EAP-FAST: Enter the Protected Access Credential (PAC) Settings. This option uses protected access credentials to create an authenticated tunnel between the client and the authentication server. Your options:
- Do not use (PAC)
- Use (PAC): If an existing PAC file exists, use it.
- Use and Provision PAC: Create and add the PAC file to your devices.
- Use and Provision PAC Anonymously: Create and add the PAC file to your devices without authenticating to the server.
- EAP-SIM
- EAP-TLS: Also enter:
- Server Trust - Certificate server names: Add one or more common names used in the certificates issued by your trusted certificate authority (CA). When you enter this information, you can bypass the dynamic trust window displayed on user's devices when they connect to this Wi-Fi network.
- Root certificate for server validation: Choose an existing trusted root certificate profile. This certificate is presented to the server when the client connects to the network, and is used to authenticate the connection.
- Client Authentication - Client certificate for client authentication (Identity certificate): Choose the SCEP or PKCS client certificate profile that is also deployed to the device. This certificate is the identity presented by the device to the server to authenticate the connection.
- EAP-TTLS: Also enter:
- Server Trust - Certificate server names: Add one or more common names used in the certificates issued by your trusted certificate authority (CA). When you enter this information, you can bypass the dynamic trust window displayed on user's devices when they connect to this Wi-Fi network.
- Root certificate for server validation https://lybfmk.weebly.com/blog/install-microsoft-office-on-mac-with-wine. : Choose an existing trusted root certificate profile. This certificate is presented to the server when the client connects to the network, and is used to authenticate the connection.
- Client Authentication - Choose an Authentication method. Your options:
- Username and Password: Prompt the user for a user name and password to authenticate the connection. Also enter:
- Non-EAP method (inner identity): Choose how you authenticate the connection. Be sure you choose the same protocol that's configured on your Wi-Fi network.Your options: Unencrypted password (PAP), Challenge Handshake Authentication Protocol (CHAP), Microsoft CHAP (MS-CHAP), or Microsoft CHAP Version 2 (MS-CHAP v2)
- Certificates: Choose the SCEP or PKCS client certificate profile that is also deployed to the device. This certificate is the identity presented by the device to the server to authenticate the connection.
- Identity privacy (outer identity): Enter the text sent in the response to an EAP identity request. This text can be any value, such as
anonymous
. During authentication, this anonymous identity is initially sent, and then followed by the real identification sent in a secure tunnel.
- LEAP
- PEAP: Also enter:
- Server Trust - Certificate server names: Add one or more common names used in the certificates issued by your trusted certificate authority (CA). When you enter this information, you can bypass the dynamic trust window displayed on user's devices when they connect to this Wi-Fi network.
- Root certificate for server validation: Choose an existing trusted root certificate profile. This certificate is presented to the server when the client connects to the network, and is used to authenticate the connection.
- Client Authentication - Choose an Authentication method. Your options:
- Username and Password: Prompt the user for a user name and password to authenticate the connection.
- Certificates: Choose the SCEP or PKCS client certificate profile that is also deployed to the device. This certificate is the identity presented by the device to the server to authenticate the connection.
- Identity privacy (outer identity): Enter the text sent in the response to an EAP identity request. This text can be any value, such as
anonymous
. During authentication, this anonymous identity is initially sent, and then followed by the real identification sent in a secure tunnel.
- Proxy settings: Your options:
- None: No proxy settings are configured.
- Manual: Enter the Proxy server address as an IP address, and its Port number.
- Automatic: Use a file to configure the proxy server. Enter the Proxy server URL (for example
http://proxy.contoso.com
) that contains the configuration file.
Next steps
The profile is created, but it's not doing anything. Next, assign this profile and monitor its status.
Configure Wi-Fi settings on Android, Android Enterprise, iOS/iPadOS, and Windows 10 devices.
Mac Os Connect To Microsoft Protected Eap Download
-->可以使用特定的 WiFi 设置创建配置文件,然后将此配置文件部署到 macOS 设备。You can create a profile with specific WiFi settings, and then deploy this profile to your macOS devices.Microsoft Intune 提供多种功能,包括对网络进行身份验证,添加 PKS 或 SCEP 证书等。Microsoft Intune offers many features, including authenticating to your network, adding a PKS or SCEP certificate, and more.
这些 Wi-Fi 设置分为两个类别:基本设置和企业级设置。These Wi-Fi settings are separated in to two categories: Basic settings and Enterprise-level settings.
本文将说明这些设置。This article describes these settings.
在开始之前Before you begin
创建设备配置文件。Create a device profile.
Mac Os Connect To Microsoft Protected Eap Windows 10
备注
这些设置适用于所有注册类型。These settings are available for all enrollment types.有关注册类型的详细信息,请参阅 macOS 注册。For more information on the enrollment types, see macOS enrollment.
基本配置文件Basic profiles
- Wi-Fi 类型:选择“基本” 。Wi-Fi type: Choose Basic.
- 网络名称:输入此 Wi-Fi 连接的名称。Network name: Enter a name for this Wi-Fi connection.该值是用户在其设备上浏览可用连接列表时看到的名称。This value is the name that users see when they browse the list of available connections on their device.
- SSID:“服务集标识符” 的英文缩写。SSID: Short for service set identifier.该属性是设备连接到的无线网络的真实名称。This property is the real name of the wireless network that devices connect to.但是,用户在选择连接时只会看到你之前配置的网络名称。However, users only see the network name you configured when they choose the connection.
- 自动连接:选择“启用” 可以在设备处于范围内时自动连接到此网络。Connect automatically: Choose Enable to automatically connect to this network when the device is in range.选择“禁用” 以防止设备自动连接。Choose Disable to prevent devices from automatically connecting.
- 隐藏的网络:选择“启用” 可以在设备上的可用网络列表中隐藏此网络。Hidden network: Choose Enable to hide this network from the list of available networks on the device.不广播 SSID。The SSID isn't broadcasted.选择“禁用” 以在设备上的可用网络列表中显示此网络。Choose Disable to show this network in the list of available networks on the device.
- 安全类型:选择用于对 Wi-Fi 网络进行身份验证的安全协议。Security type: Select the security protocol to authenticate to the Wi-Fi network.选项包括:Your options:
- 开放(无身份验证) :仅在网络未受保护的情况下使用此选项。Open (no authentication): Only use this option if the network is unsecured.
- WPA/WPA2 - 个人版:在“预共享密钥” 中输入密码。WPA/WPA2 - Personal: Enter the password in Pre-shared key.设置或配置组织的网络后,还要配置密码或网络密钥。When your organization's network is set up or configured, a password or network key is also configured.输入此密码或网络密钥作为 PSK 值。Enter this password or network key for the PSK value.
- WEPWEP
- 代理设置:选项包括:Proxy settings: Your options:
- 无:不配置任何代理设置。None: No proxy settings are configured.
- 手动:输入“代理服务器地址”作为 IP 地址及其“端口号” 。Manual: Enter the Proxy server address as an IP address, and its Port number.
- 自动:使用文件配置代理服务器。Automatic: Use a file to configure the proxy server.输入包含配置文件的代理服务器 URL (例如
http://proxy.contoso.com
)。Enter the Proxy server URL (for examplehttp://proxy.contoso.com
) that contains the configuration file.
Mac Os Connect To Microsoft Protected Eap Windows 7
企业配置文件Enterprise profiles
- Wi-Fi 类型:选择“企业” 。Wi-Fi type: Choose Enterprise.
- SSID:“服务集标识符” 的英文缩写。SSID: Short for service set identifier.该属性是设备连接到的无线网络的真实名称。This property is the real name of the wireless network that devices connect to.但是,用户在选择连接时只会看到你之前配置的网络名称。However, users only see the network name you configured when they choose the connection.
- 自动连接:选择“启用” 可以在设备处于范围内时自动连接到此网络。Connect automatically: Choose Enable to automatically connect to this network when the device is in range.选择“禁用” 以防止设备自动连接。Choose Disable to prevent devices from automatically connecting.
- 隐藏的网络:选择“启用” 可以在设备上的可用网络列表中隐藏此网络。Hidden network: Choose Enable to hide this network from the list of available networks on the device.不广播 SSID。The SSID isn't broadcasted.选择“禁用” 以在设备上的可用网络列表中显示此网络。Choose Disable to show this network in the list of available networks on the device.
- EAP 类型:选择用于验证安全无线连接的可扩展身份验证协议 (EAP) 类型。EAP type: Choose the Extensible Authentication Protocol (EAP) type used to authenticate secured wireless connections.选项包括:Your options:
- EAP-FAST:输入“受保护的访问凭据(PAC)设置” 。EAP-FAST: Enter the Protected Access Credential (PAC) Settings.此选项使用受保护的访问凭据来创建客户端和身份验证服务器之间经过身份验证的隧道。This option uses protected access credentials to create an authenticated tunnel between the client and the authentication server.选项包括:Your options:
- 不使用 (PAC) Do not use (PAC)
- 使用 (PAC) :如果存在现有 PAC 文件,则使用它。Use (PAC): If an existing PAC file exists, use it.
- 使用和预配 PAC:创建 PAC 文件并将其添加到设备中。Use and Provision PAC: Create and add the PAC file to your devices.
- 匿名使用和预配 PAC:创建 PAC 文件并将其添加到设备中,无需对服务器进行身份验证。Use and Provision PAC Anonymously: Create and add the PAC file to your devices without authenticating to the server.
- EAP-SIMEAP-SIM
- EAP-TLS:此外请输入:EAP-TLS: Also enter:
- 服务器信任 - 证书服务器名称: “添加”由受信任的证书颁发机构 (CA) 颁发的证书中使用的一个或多个常用名称 。Server Trust - Certificate server names: Add one or more common names used in the certificates issued by your trusted certificate authority (CA).输入此信息时,可在用户设备连接到此 Wi-Fi 网络时,绕过该设备上显示的动态信任窗口。When you enter this information, you can bypass the dynamic trust window displayed on user's devices when they connect to this Wi-Fi network.
- 用于服务器验证的根证书:选择现有受信任的根证书配置文件。Root certificate for server validation: Choose an existing trusted root certificate profile.当客户端连接到网络时,将向服务器显示此证书,并被用于验证连接。This certificate is presented to the server when the client connects to the network, and is used to authenticate the connection.
- 客户端身份验证 - 用于客户端身份验证的客户端证书(标识证书) :选择也被部署到设备的 SCEP 或 PKCS 客户端证书配置文件。Client Authentication - Client certificate for client authentication (Identity certificate): Choose the SCEP or PKCS client certificate profile that is also deployed to the device.此证书是由设备呈现给服务器以用于对连接进行身份验证的标识。This certificate is the identity presented by the device to the server to authenticate the connection.
- EAP-TTLS:此外请输入:EAP-TTLS: Also enter:
- 服务器信任 - 证书服务器名称: “添加”由受信任的证书颁发机构 (CA) 颁发的证书中使用的一个或多个常用名称 。Server Trust - Certificate server names: Add one or more common names used in the certificates issued by your trusted certificate authority (CA).输入此信息时,可在用户设备连接到此 Wi-Fi 网络时,绕过该设备上显示的动态信任窗口。When you enter this information, you can bypass the dynamic trust window displayed on user's devices when they connect to this Wi-Fi network.
- 用于服务器验证的根证书:选择现有受信任的根证书配置文件。Root certificate for server validation: Choose an existing trusted root certificate profile.当客户端连接到网络时,将向服务器显示此证书,并被用于验证连接。This certificate is presented to the server when the client connects to the network, and is used to authenticate the connection.
- 客户端身份验证 - 选择一种身份验证方法 。Client Authentication - Choose an Authentication method.选项包括:Your options:
- 用户名和密码:提示用户输入验证连接所需的用户名和密码。Username and Password: Prompt the user for a user name and password to authenticate the connection.此外请输入:Also enter:
- 非 EAP 方法(内部标识) :选择连接验证方法。Non-EAP method (inner identity): Choose how you authenticate the connection.请确保选择在你的 Wi-Fi 网络上配置同一协议。Be sure you choose the same protocol that's configured on your Wi-Fi network.选项包括:“未加密密码(PAP)” 、“质询握手身份验证协议(CHAP)” 、“Microsoft CHAP (MS-CHAP)” 或“Microsoft CHAP 版本 2 (MS-CHAP v2)” Your options: Unencrypted password (PAP), Challenge Handshake Authentication Protocol (CHAP), Microsoft CHAP (MS-CHAP), or Microsoft CHAP Version 2 (MS-CHAP v2)
- 证书:选择也被部署到设备的 SCEP 或 PKCS 客户端证书配置文件。Certificates: Choose the SCEP or PKCS client certificate profile that is also deployed to the device.此证书是由设备呈现给服务器以用于对连接进行身份验证的标识。This certificate is the identity presented by the device to the server to authenticate the connection.
- 标识隐私(外部标识) :输入为响应 EAP 标识请求而发送的文本。Identity privacy (outer identity): Enter the text sent in the response to an EAP identity request.此文本可以是任何值,例如
anonymous
。This text can be any value, such asanonymous
.在身份验证过程中,将首先发送此匿名标识,然后在安全隧道内发送真实标识。During authentication, this anonymous identity is initially sent, and then followed by the real identification sent in a secure tunnel.
- LEAPLEAP
- PEAP:此外请输入:PEAP: Also enter:
- 服务器信任 - 证书服务器名称: “添加”由受信任的证书颁发机构 (CA) 颁发的证书中使用的一个或多个常用名称 。Server Trust - Certificate server names: Add one or more common names used in the certificates issued by your trusted certificate authority (CA).输入此信息时,可在用户设备连接到此 Wi-Fi 网络时,绕过该设备上显示的动态信任窗口。When you enter this information, you can bypass the dynamic trust window displayed on user's devices when they connect to this Wi-Fi network.
- 用于服务器验证的根证书:选择现有受信任的根证书配置文件。Root certificate for server validation: Choose an existing trusted root certificate profile.当客户端连接到网络时,将向服务器显示此证书,并被用于验证连接。This certificate is presented to the server when the client connects to the network, and is used to authenticate the connection.
- 客户端身份验证 - 选择一种身份验证方法 。Client Authentication - Choose an Authentication method.选项包括:Your options:
- 用户名和密码:提示用户输入验证连接所需的用户名和密码。Username and Password: Prompt the user for a user name and password to authenticate the connection.
- 证书:选择也被部署到设备的 SCEP 或 PKCS 客户端证书配置文件。Certificates: Choose the SCEP or PKCS client certificate profile that is also deployed to the device.此证书是由设备呈现给服务器以用于对连接进行身份验证的标识。This certificate is the identity presented by the device to the server to authenticate the connection.
- 标识隐私(外部标识) :输入为响应 EAP 标识请求而发送的文本。Identity privacy (outer identity): Enter the text sent in the response to an EAP identity request.此文本可以是任何值,例如
anonymous
。This text can be any value, such asanonymous
.在身份验证过程中,将首先发送此匿名标识,然后在安全隧道内发送真实标识。During authentication, this anonymous identity is initially sent, and then followed by the real identification sent in a secure tunnel.
- 代理设置:选项包括:Proxy settings: Your options:
- 无:不配置任何代理设置。None: No proxy settings are configured.
- 手动:输入“代理服务器地址”作为 IP 地址及其“端口号” 。Manual: Enter the Proxy server address as an IP address, and its Port number.
- 自动:使用文件配置代理服务器。Automatic: Use a file to configure the proxy server.输入包含配置文件的代理服务器 URL (例如
http://proxy.contoso.com
)。Enter the Proxy server URL (for examplehttp://proxy.contoso.com
) that contains the configuration file.
后续步骤Next steps
配置文件已创建,但未执行任何操作。The profile is created, but it's not doing anything.下一步是分配此配置文件,并监视配置文件状态。Next, assign this profile and monitor its status.
在 Android、Android Enterprise、iOS/iPadOS 和 Windows 10 设备上配置 Wi-Fi 设置。Configure Wi-Fi settings on Android, Android Enterprise, iOS/iPadOS, and Windows 10 devices.