Our Cisco Aironet AP uses Radius to authenticate against our Active Directory via our Network Policy Server (NPS). For my users, on their domain-managed laptops and BYO devices (such as laptops, smartphones, tablets, etc.) this works fine.
However, some devices do not have users logged in yet need to be connected via WiFi. For example, a Mac Mini that displays our Operations dashboard or a Raspberry Pi that streams internet radio. These devices are not domain-joined. It's no good to have a user provide their credentials for this kind of thing. For one thing, once their password expires the device will be locked out or will keep attempting to authenticate with the old password, leading to a lock-out for the user.
I guess device-level authentication is the answer, but how to set that up?
Thanks for any advice you can give me.
