We are using Airwatch for ours iPad.
Users register to Airwatch with their MS Active Directory account. Airwatch pushes a X509 Certificate (based on the user account and issued by our MS PKI) on the device.
We have two use cases :
- users access email via MS Exchange Activ Sync : authentication is done using MS Active Directory user/password
- users access extranet web applications : authentication is done by CA SiteMinder using the iPad X509 certificate
If the AD password expires, users don't have the possibility to change it with the iPad. They need to connect to corporate network on the LAN with their desktop.
I have several questions
1) Can we use the certificate to authenticate on Exchange?
What we need to do on Exchange, on Airwatch (if necessary) and on the iPad?
2) Can we use the fisrt certificate pushed by Airwatch or we need to issue another one for Exchange with specific caracteristics?
Thanks for your help
Laurent - nice to meet you virtually! To answer your question you would need to configure certificate authentication for your Exchange server and then setup AW to push down the certificates. Much like what you mentioned you're already use for web applications. I'm happy to provide further details and additional context via our support desk at email@example.com
This could help..