NoMAD Login + NoMAD deployment. Auto logs in ad service account

Macmacmark
New Contributor III

Hello,

I'm banging my head off the desk on this one. I've successfully deployed NoMAD Login and that works great, but the NoMAD part is where I'm having trouble. I uploaded the default plist for NoMAD from a test machine into Jamf, that seems to be deploying properly. Then I have a script to modify the plist;

!/bin/sh

AD_domain="domain"
Realm="domain"

Write default AD domain

defaults write com.trusourcelabs.NoMAD ADDomain -string "$AD_domain"
defaults write com.trusourcelabs.NoMAD KerberosRealm -string "$Realm"
defaults write com.trusourcelabs.NoMAD UseKeychain -bool "true"
defaults write com.trusourcelabs.NoMAD SignInWindowOnLaunch -bool "true"
defaults write com.trusourcelabs.NoMAD UPCAlert -bool "true"
defaults write com.trusourcelabs.NoMAD UseKeychainPrompt -bool "true"

After I apply this and restart the machine, I log in with my AD creds, but NoMAD auto signs in as my read only Jamf share service account instead of my AD account... I can't figure out why, or how this is possible.. Has anyone else had this issue?

I've wiped the machine and ran the test again with the same results.

Any ideas on how to fix this would be appreciated.

1 ACCEPTED SOLUTION

Hugonaut
Valued Contributor II

deploy the preferences with a configuration profile. I too have banged my head when writing out to the plist. I set the same settings with a config profile created w/ Profile Creator & WALLAH IT WORKED....haha

https://github.com/ProfileCreator/ProfileCreator

________________
Looking for a Jamf Managed Service Provider? Look no further than Rocketman
________________


Virtual MacAdmins Monthly Meetup - First Friday, Every Month

View solution in original post

3 REPLIES 3

Hugonaut
Valued Contributor II

deploy the preferences with a configuration profile. I too have banged my head when writing out to the plist. I set the same settings with a config profile created w/ Profile Creator & WALLAH IT WORKED....haha

https://github.com/ProfileCreator/ProfileCreator

________________
Looking for a Jamf Managed Service Provider? Look no further than Rocketman
________________


Virtual MacAdmins Monthly Meetup - First Friday, Every Month

Macmacmark
New Contributor III

@Hugonaut Thanks! I will give Profile Creator a go. :)

Macmacmark
New Contributor III

I was able to get a working profile by using Profile Creator, after configuring the custom settings from a example NoMAD config profile that I got from nomad's site, I was able to copy the custom settings from the XML window in Profile creator, and then use BBEdit to save the the settings as a plist file. I then created a config profile in Jamf and uploaded the plist in the Custom Settings section. Thanks for the tip @Hugonaut