This policy currently supports TLS protocol for certificate based authentication as user.
By default, the auto-enrolled user certificates are pushed down to ~/.centrify/autouser_(name).{cert,key,chain}. They are also imported into each user's respective login keychain.
Note that user must perform the following steps manually after login to authenticate to the network as him/herself:
1. Go to System Preferences > Network > Ethernet.
2. Click on "Disconnect" to disconnect existing 802.1X connections, if any. (For example, if machine 802.1X ethernet policy has been set, Mac will already be authenticated using machine credential)
3. Click on "Connect". This prompts the user with a list of available identities (certificate-key pair).
4. Choose the appropriate auto-enrolled user identity (certificate-key pair).
| Registry Hive | HKEY_LOCAL_MACHINE |
| Registry Path | Software\Policies\Centrify\CentrifyDC\Settings\Mac\8021X |
| Value Name | EnableUserEthernetProfile |
| Value Type | REG_DWORD |
| Enabled Value | 1 |
| Disabled Value | 0 |