Link to home
Start Free TrialLog in
Avatar of Manny Fernandez
Manny Fernandez

asked on

Generating User Certificates with a sAMAccountName as the CN

I am configuring 802.1x for a wireless deployment.  I am using Microsoft CA Services to do auto-enroll for user certificates.  The problem I am having is that the template I cloned (the user template), generates the CN as the "Display Name" (e.g. John Doe) what I would like for it to use is the sAMAccountName (e.g. jdoe).  The issue is that if I do `display name`, the user would need to type "John Doe" for the EAP while everything else would be `Jdoe`.  Does anyone know of a way to do this?  We are using FortiAuthenticator as the RADIUS server.  

Side note, I was able to get it working using the FortiAuthenticator as the CA but I cannot use GPO to auto-enroll the users so it makes it more complex.
ASKER CERTIFIED SOLUTION
Avatar of Mahesh
Mahesh
Flag of India image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Are your 802.1x depends on the user or the system?
Are these domain based machines or personal devices that a user brings in?