I used to have AD + NPS (RADIUS) + ADCS to handle 802.1x authentication requests. When a new employee joined, they would log in to Windows with their corporate ID and password, and they were automatically connected to the secure Wi-Fi because the Wi-Fi settings were pushed via GPO.

Now, I’m moving to Azure AD. I find that Microsoft Azure AD-joined devices can’t use NPS (RADIUS) directly. So, I started looking into Meraki Trusted Access.

My main question is: How do I set up the system so that onboarding users can simply sign in to Windows and be automatically connected to the secure network? If users need to access the portal (e.g., portal.meraki.com) to download a profile, how can they do that if they don’t yet have access to the network, since authentication is required? I think I’m confused.

What are the proper steps or best practices for using Meraki Trusted Access for onboarding new users? Do I need to set up a guest network for users to onboard? If yes, I’m concerned that users will stay on the guest network and never follow the instructions for Meraki Trusted Access. They will probably call IT when they can’t access resources because they haven’t completed the Trusted Access setup.

Many people in my organization are not IT-savvy, so I need to minimize the steps required for them to get things working. Asking employees to log in to portal.meraki.com just to gain access to corporate Wi-Fi feels excessive, especially since they already have access to the internet on the guest network.

Any help would be greatly appreciated. Thank you!