Enterprise Connect in Lab environment

JoySeeley
New Contributor III

We have about 300+ lab machines and we are an AD campus, including all the students. We are getting ready to roll out a new policy for students that they have to change their passwords. In our lab environment, faculty/staff and students can login and I would like to setup EC so that at login, their network volume mounts and then have the ability to change their password from the EC menu in the Finder. However, on a logout, the home directory of the currently logged in user, is deleted.

We also have two different AD realms, one for the students and one for the faculty/staff. Currently I have a script that runs at login that determines which realm they belong to and based on that, mounts the appropriate network drives which work, but would like to give the students the option to change their passwords via EC and have EC setup at login, so they don't have to login to EC, in addition to the Macintosh, with their AD credentials.

Is this possible?

Thank you in advanced!

1 REPLY 1

Rememberfarley
New Contributor III

I believe it is going away with Catalina just a heads up per the email from Apple

Last week at WWDC, we previewed a new framework for single sign-on in macOS Catalina, iOS 13 and iPad OS. Developers can now make single sign-on extensions that integrate with websites or native apps and support identity providers like Microsoft Azure AD, Okta and Ping.

In addition, we demonstrated our own first-party extension to deliver improved Kerberos support on macOS, including configuration by MDM and support for syncing with local passwords. The extension is also available on iOS and iPad OS for the first time.
With these changes, we’d like you to begin testing and planning an eventual migration away from Enterprise Connect. Although we will continue to provide critical maintenance updates for Enterprise Connect for at least one year, we will be focusing new development efforts on functionality related to the new extension.
Additional documentation and test plans around the new functionality will be published through AppleSeed for IT throughout the summer. Feedback should be submitted through Feedback Assistant for any kind of single sign-on functionality going forward.
These new features were inspired by the work we did to build and support Enterprise Connect over the last few years and offer many new features that our customers had been asking for. We hope that making them available as part of macOS, iOS and iPad OS helps many more customers and users benefit from what they offer.

Sincerely,

Apple Professional Services