I have deployed certificate based authentication on our network for our mobile devices to be able to authenticate to the network utilizing an NDES server. We have configured the NPS policies and have pushed the Wifi configuration to our mobile's with our MDM solution. The only issue I am running into is that our exchange server is not setup for CBA. Our MDM solution required us to change the Exchange authentication from passthrough to CBA.
My question is can I setup CBA without effecting devices that do not connect to our Exchange Active Sync via our MDM. Does EAC still allow users with BYOD to connect to exchange using the credentials or do I have to somehow issue them their user certificate for them to be able to authenticate to EAC now?