I am new to WPA2 authentication. We are using Meraki APs on our network. We have Radius working as far as being able to authenticate with Domain User Ids and get on the SSID. However this is not our goal. We are in a school environment and do not want things brought from home used on internal networks so we need to identify our hardware (Macs and PC Laptops) and allow it onto the network no matter who is on it. We are using Microsoft NPS as the Radius server. Or Network Policy Grants NAS Port IEEE 802.11, I have added a Windows Group for Domain Admins as a test of User Authentication and Machine Group of Domain Computers. The Admins can log on but machines are not. In particular the Macs ask for User ID and Password and our student IDs do not pass the test. How do I get Computer only logins?