We have an up and running NPS and certificate solution running EAP-TLS for machine and user authentication with PC.
We recently added several Windows 8 Professional tablets - they're domain joined and have machine certificates enrolled when deployed via SCCM.
But - and we're pretty sure, we got user certificate enrollment to work over wireless, with the tablet authenticated as machine, and then switch to user after certificate is enrolled.
But 2nd try we cannot get this going. I must admit that before first try I didn't think this should work - considering that user possibly could not request certificate before he starts logon, and when logon for user starts computer authentication would break ...
But then again - i cannot find any hard evidence that this is true --- so - is there anyone that positively can acknowledge that Win 8 wireless logon - the switch from computer to user happens BEFORE user enrolls for cert ??
lYncexChangeWirelessADDSADCSNPSWindows20032008201278XP :-) -PowderToThePeople ---- snow, that is