In this technote, we’ll configure ClearPass Onboard to generate and issue user certificates for Microsoft Entra ID users. The solution uses single sign-on (SSO) to authenticate users and onboard new devices, making it ideal for Bring Your Own Device (BYOD) scenarios. With this approach, Entra ID users can securely onboard their personal devices in accordance with the organisation’s access policies.
Most organisations today already use some form of SSO, and for good reason. It allows users to sign in once and then access multiple applications and services without being prompted to log in again. Authentication happens quietly in the background, so users can stay focused and productive without constant interruptions.
We’ll use ClearPass SSO with Entra ID, which leverages Security Assertion Markup Language (SAML) to exchange authentication information. Once the user is authenticated, ClearPass Onboard’s Certificate Authority issues a user certificate and installs it on the device, along with the required wireless profile enabling secure, certificate-based network access.
Solutions Tech Lab 
Leave a comment