I'm hoping someone can offer some advise on an issue I'm seeing in my company lately. Our macbooks have started to repeatedly prompt for "*insert application* wants to use your confidential information stored in "webproxy.*********" in your keychain. To allow this, enter the "login" keychain password". End users will enter their login password and select "Always Allow", but it just keeps repeating over and over again.
In the past, I could always fix this by going to their login keychain, select the proxy entries, and under "Access Control" I'd select "Allow all applications to access this item". However, this doesn't seem to be working anymore and I can't figure out how to stop the constant bombardment of password prompts they're seeing.
We have both Intel and M1 macbooks running up to date Big Sur and Monterey installs.
It sounds like you have an authenticated proxy. What forms of authentication does your proxy support? Does it support a single-sign on (SSO) method? (This would have historically been Kerberos. Not sure, nowadays.)
Are the applications in the prompts actual applications, or perhaps Apple system processes?
I know I’ve seen issues like this in the past authenticated proxies. The last big issue I can recall was that even with Kerberized proxy support, certain Apple daemons/processes themselves didn’t support proxying at all (possibly due to whatever networking frameworks they were using) or had their own proxy support .
It sounds like this changed recently for you. Could this correspond with a change in your infrastructure, or to a specific macOS update as it is installed on devices?
My apologies on the late reply, I've been out on PTO the last week.
Yes, we use an Authenticated proxy. The admin said nothing has changed recently on the proxy side.
It does use Kerberos.
You are correct--I apologize I misspoke when I said applications, I meant Apple system processes (usually parsecd, touristd, nsurlsessiond etc, but there's about 10 different ones that I see).
Unfortunately I don't have a precise timeframe of when it began. I don't use a mac as my primary workstation and the end users didn't report it to me right away, they said it started a month ago and one stated it didn't start occurring to her until she had a password change--which makes sense with authenticated proxies.
I did a little more testing and I'm setting the "Access Control" to allow all apps in keychain, but when you launch various applications (I think I launched MS Teams), then the setting is reverting back to "Confirm before allowing access" in the local items keychain