Network Deployments for Intune and Jamf-Managed Devices


Table of Contents

Managed Certificate Overview

The University of Maryland has reached a major milestone in the Campus Network Refresh – Policy-Driven Network initiative with the successful deployment of Secure W2-managed EAP-TLS certificates to all Jamf- and Intune-managed devices. This achievement enhances network security, streamlines the user experience, and lays the technical foundation for the rollout of a Policy-Driven Network in the future. The managed certificate gets the device on the network identified as a device managed by a specific Local IT unit. 

Managed Certificate Troubleshooting (Windows) 

If you run into issues with getting a machine managed with Intune or JAMF onto the network, Please run Install Eduroam Certs.exe (shortcut will be placed in C:\Users\Public\Documents

If that doesn’t work, then run Forget eduroam Wi-Fi (shortcut that will be placed in C:\Users\Public\Documents)

If issues persist, contact it-desktop@umd.edu with the name of the affected devices, and we will resolve the issue.

Why you may see “eduroam-user” in your wireless list (Windows)

""

Managed Windows devices at UMD now include both device and user certificates to ensure compatibility with all eduroam-participating institutions. You might notice a new network name, eduroam-user, used only when needed. Both eduroam and eduroam-user connect to the same eduroam network. No action is required—your device will automatically select the correct profile.

Note: This change only affects faculty and staff who connect to eduroam at other institutions.

Managed Certificate Troubleshooting (Mac) 

Users may see a popup asking to select a certificate to continue connecting to eduroam.

  1. Click Select a Certificate and select EDUROAM 7D7166F7-8B18-4454-BB6E-36C07CDB494F.
  2. Click OK. There is no need to enter an Account Name.
    ""

If issues persist, contact it-desktop@umd.edu with the name of the affected devices, and we will resolve the issue.

Using Aruba Clearpass OnGuard

Aruba Clearpass OnGuard is a software solution that helps ensure secure network access by verifying the identity of users before they connect. This is a key step in preparing for the Policy Driven Network. The managed certificate gets the device on the network identified as a device managed by a specific Local IT unit. OnGuard identifies the user on the device allowing for more granular level access to networked resources.

Between 07/14/25 and 07/24/25, OnGuard will be deployed to all managed computers with the following schedule. When installed, users will see a login window prompting them to authenticate using their University Directory ID and passphrase. After the initial deployment, users should only need to sign in when they change their passphrase or sign into a new machine.

For Mac:                                                                                 For Windows:

"" ""

Two status icons will appear on the operating system taskbar or menu bar to indicate whether you are logged in or not:

The lock iconindicates you are not logged in.

the green shield icon indicates you are logged in.