Security

Hello,

 

I recently added a policy to inject the email address into the device certificate (mdpsEmailAddress). This is being used for the certificate expiry email to the user.

 

The feedback in our pilot is that the default fields are not sufficient where a user may have more than one instance of an operating system and using a MAC address to valdiate is a step to far for non technical folks.

 

Is there a way to inject the client "hostname" into the certificate so we can can communnicate that in the certificate epxiry email? There is a lot of focus on our ability to notify users of an expiring certificate but our environment is that where users have multiple of the same OS.

 

thanks

Ken

The device type and OS is added to the certificate. Is that sufficient?

I am afraid not when it comes to engineers working on mupltiple Windows clients and Ubuntu. I am testing multiple devices myself at present and finding I am having to check MAC addresses to be sure I am re-provision the correct device.

 

The perfect works is one 1 x windows , 1 x smartphone , 1 x tablet but that is not our world I am afraid.

 

thanks

Ken

I don't think this is possible today. I would add a feature request.

Is there any good documents on using other fields on the certificate. I believe there are custom fields but how can they be used? I am struggling to find good info on this.

Thanks
Ken

What fields are you referring to? All of the fields available in the certificate are used by default and are populated with data from Onboard.