We are trying to setup SCCM OSD with a primary and 2 secondary remote sites. The problem is that we are using 802.1x authenticated ports on our LAN which require both a computer and user certificate to be allowed onto the corporate LAN. Unauthenticated machines are restricted to a "contractor" isolated VLAN. Is there any solution to allow for both PXE and OSD using WinPE in this environment? We are not wanting to put any infrastructure in the unauthenticated VLAN. Not sure if anyone has tried to use vPRO provisioning in SCCM to overcome this challenge. Any suggestions would be appreciated. Thanks!

Well depending on the Authentication you would need to use Native mode so that the computer is deployed with a Cert at the time of imaging. From what you say can you image or does it get blocked?http://www.sccm-tools.com http://sms-hints-tricks.blogspot.com

With a bare-metal or new machine, it does not have certificate, and therefore does not ever get on the corporate LAN. Unfortunatley WinPE does not support 802.1x so it makes it very difficult to do imaging. Have you implemented vPro for SCCM and used it for provsioning? I believe vPro supports 802.1x but want to know if this is a possibility before heading down this track and wasting time and resources implementing this solution. Thanks

I have test vpro (AMT) but only in a limited test. Here is how to setup AMT for 802.1x http://technet.microsoft.com/en-us/library/ee344378.aspx AMT is what is being used by SCCM, Vpro is the layer on top of AMT that does security and other items. http://www.sccm-tools.com http://sms-hints-tricks.blogspot.com