Tuesday, April 13, 2021

NAC and PXE boot/imaging PCs

Helping implement a NAC (Clearpass specifically) and trying to approach the problem of PXE booting and imagining Windows 10 devices. Our org is looking at MAC auth for the PXE boot part which works ok as Clearpass can identify PXE boot clients and then a switch to 802.1x during the image process as soon as Windows is up and joined our AD and gets GPO settings etc. From the guys testing they have not been able to get the device to stay authenticated during the imaging process and it ends up reconnecting constantly and apparently interrupting the imaging process. Looking online most people seem to just do MAC bypass for imaging and new devices and then 802.1x once the device is deployed. Has anyone been successful with anything other than MAC auth for imaging devices? Thanks.



No comments:

Post a Comment