3 weeks ago
Hello All - we're experiencing an issue with the Kerberos extension asking users to log in again and again. Seemingly this is the same issue as this below linked discussion -- the extension is asking to verify "user presence" as per our settings in JAMF.
https://community.jamf.com/t5/jamf-pro/kerberos-sso-extension-help/td-p/252043
We have two concerns by solving this issue by setting user presence to "skip" - one, is there is a security concern we are not thinking of by asking it to skip, and two, if we do set this to "skip" will this prevent the extension from updating the keychain without the user signing in and / or prevent the users from accessing shares? Does anyone know?
3 weeks ago
Are the users actually logging in to the extension, and updating their password with the extension as needed? Generally speaking the extension should only pester to log in when the user is not logged in or the password does not match AD.
3 weeks ago
Thanks for the reply - It definitely asks the user each time they log in - and is not satisfied when they log in to it. it will reappear if they restart or log out and log in again. Also, it appears we are having at least one user where the extension asks repeatedly within a continuously logged in session. Have you seen this?