Use Login Window Mode for 802.1X authentication to a network

You can authenticate to a network from the login window when your Mac is setup with a compatible Directory Service and configured to use this mode with MDM.

To use Login Window Mode for 802.1X authentication on your Mac, here's what you need: 

  • A bind to an Active Directory (AD) or Open Directory (OD) server
  • A network configuration profile installed that enables Login Window Mode for the desired Ethernet interface or Wi-Fi network

Authenticate with Login Window Mode

To authenticate with 802.1X at the login screen, select Other from the list of users, then enter your user name and password. Then, in the pop-up menu, select the network interface that you want to authenticate with, then click Login button.

Change login display options

To change the login display to always ask for the user name and password, follow these steps:

  1. Choose Apple () menu > System Preferences, then click Users & Groups.
  2. In the sidebar, click Login Options. You might need to click System preferences lock icon in the lower left corner and authenticate before you can make changes. 
  3. Next to “Display login window as,” select “Name and password.”

You can also use a configuration profile to set the login window to display the name and password fields.

Use Login Window Mode with FileVault

When you use FileVault, you are automatically logged into your user account after you unlock your disk. To use 802.1X authentication at the login window when FileVault is on, disable automatic login.

To turn off automatic login when FileVault is on, enter this command in Terminal:

sudo defaults write /Library/Preferences/com.apple.loginwindow DisableFDEAutoLogin -bool YES

If you want to turn automatic login back on, enter this command in Terminal:

sudo defaults delete /Library/Preferences/com.apple.loginwindow DisableFDEAutoLogin
Published Date: