Is there a way to configure access to an SSID based not only on a PSK/User Credentials, but also limit access to certified devices? For example, staff can connect to the corporate SSID using their Active Directory credentials, but only on devices that have been whitelisted by IT with a client-side certificate or MAC address list?
If System Manager is a solution, are there alternatives like Windows NPS or FreeRADIUS?
Any walkthrough or how-to guides on how to set it up?
We'll save MAB as a last resort. I am not a fan of the way Microsoft handles MAB authentication with NPS. 500+ additional AD accounts to manage would be a management overhead nightmare. Pushing certificates to devices enrolled in our MDM is much more manageable.