Wondering if anyone has recently experienced an issue with Apple Kerberos SSO for macOS not recognizing the default realm set in the Jamf config profile?
I have been testing this in advance of replacing enterprise connect, and had it set up and working perfectly with our single domain, got everything working how I wanted it, live password testing etc, and had several test users reset their password successfully.
Now this week when I went to change my own password, I got the message in the screenshot. Nothing in the config profile has changed, has anyone seen this or have any suggestions?
all clients are on Catalina latest version
Solved! Go to Solution.
@Jason33 I wish there was a dislike button... That is NOT the way. Not your fault, I know, but discouraging that so many of Apple's solutions today are just "(complete a major) upgrade to the next thing" rather than using their the barest sliver of their profitability to fix bugs and issues for older versions.
To save time and for deployment speed I scripted it instead of making a package. No composer work needed. Also if Jamf Connect is already running then it would seem like the fix is not working @MikaelDez you will need to "quite" Jamf Connect or better yet unload it first. So the full solution is below.
#!/bin/bash #Find the Current users ID. currentUser=$( /usr/bin/stat -f %Su "/dev/console" ) userID=$( /usr/bin/id -u "$currentUser" ) #Unload the Jamf Connect Menu bar app /bin/launchctl bootout gui/"$userID" /Library/LaunchAgents/com.jamf.connect.plist #Create the Kerberos file touch /etc/krb5.conf #Write the content into the file cat << 'EOT' >/etc/krb5.conf [libdefaults] default_realm=MCSLTD.INTERNAL EOT #wait 2 seconds sleep 2 #Kill any running instance with the name Jamf Connect pkill "Jamf Connect" #Re-launch Jamf Connect Menu bar app (by launching the LaunchAgent) /bin/launchctl bootstrap gui/"$userID" /Library/LaunchAgents/com.jamf.connect.plist exit 0