Im getting ready to start a project involving providing SSO experience to my ~300 iOS devices.
I currently use MDM (Meraki - and most likely JAMF down the road whne funds are available) for Exchange, VPN and VPP apps, but haven't needed to manage SSO until now.
We recently deployed SharePoint and an Atlasian stack that leverages Kerberos/SSO on our desktops. We also recently deployed a new Cisco ISE server on our WLAN. Our Windows root CA server (and PKI infrastructure) was recently updated, too. I work in an Active Directory shop.
Needless to say, it's time to provide more robust support for our iOS devices on our LAN/Domain.
Since I already have a good foundation in place (i.e.; all my devices are enrolled and managed in an MDM already), I just need to figure out the logistics of what is needed in terms of configuration profiles, payloads, and certs.
Our goal is to ease the pain of getting iOS devices on the WLAN and accesssing Intranet resources.
Once this iOS project is tackeled Im going to work on 802.1x (Wireless machine auth) for Mac laptops.
Does anyone have any useful links or best practice documentation for such an endeavor?
