We currently have a 802.1x environment set up with a 2008 r2 NPS server authenticating users. The school deployed 2000 iPads to the student body and authentication via NPS is working as expected. Hear lies the issue. After the deployment the powers that be decided that the student body should not have the right to log in to the environment with their user credentials on personal devices (BYOD). In the current deployment they can. The fix that I was hopping would work would be implementing “OS Classification”. Unfortunately it partially works; I can filter out windows, android, and apple mac books, but I can’t differentiate iPhones from IPads. I need a solution that will do the following: allow ipads through but deny all other devices and/or limit the logged on user to one authenticated device.