Hey everyone! I'm struggling with some Wifi connectivity issues using NPS alongside User-based SCEP Certificates for non-domain joined devices. I've managed to deploy the root CA through Intune, and the SCEP profile seems to be installing the certificates correctly. My NPS policy is linked to the same certificate that the SCEP certificate generates and uses Smart Card/Certificate for authentication, tied to a specific user group that my account is part of.
However, when I try to connect to the SSID, I don't receive any logs indicating whether NPS denied or allowed the request. The only event I see is in the IAS_Success log when I check with the IAS Log Viewer, which shows some connection details but ends with an 'Unknown' result. I've tried a bunch of troubleshooting steps to get this working, but the device just won't connect. Any suggestions on what I can check? Thanks!
1 Answer
Looks like you might have a small issue in your SCEP Profile's App Proxy URL—there's an extra slash in the URL. Make sure it's set up correctly: it should be .net/certsrv instead of .net//certsrv.
Additionally, can you verify if the certificates are being successfully issued to these devices? Are you also pushing the Wireless profile through Intune? If not, that might be a factor!
Good catch on the URL! I’ll make that fix and redeploy the cert.
As for the certificates, they are being issued without issue, check this pic: https://imgur.com/a/nKO9qbB. I haven't pushed the wireless profile through Intune yet—been doing it manually—but maybe that's where the hiccup is.