Help

NoMAD - Automatic Login

davidjess
New Contributor III

Posted on ‎06-18-2018 06:02 AM

Hi everyone,

We have NoMAD running in our environment. Currently whenever a machine finishes DEP, we have to launch NoMAD from Applications, then login with the user's credentials.

For new users, their local account credentials match their credentials in AD. Is there a way to make NoMAD login when it's launched, if the current user and password match what's in AD?

Here's our plist for reference:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict> <key>ADDomain</key> <string>xxxxxxxx</string> <key>DontMatchKerbPrefs</key> <true/> <key>DontShowWelcome</key> <true/> <key>GetHelpOptions</key> <string>xxxxxxxxxx</string> <key>GetHelpType</key> <string>URL</string> <key>HideLockScreen</key> <false/> <key>HidePrefs</key> <true/> <key>HideQuit</key> <true/> <key>HideRenew</key> <true/> <key>HideSignOut</key> <true/> <key>KerberosRealm</key> <string>xxxxxxx</string> <key>LocalPasswordSync</key> <true/> <key>LocalPasswordSyncDontSyncLocalUsers</key> <array> <string>csadmin</string> </array> <key>LoginItem</key> <true/> <key>MessagePasswordChangePolicy</key> <string>Your password requires minimum 9 characters and must contain 3 from the following 4 categories: Uppercase, lowercase, numbers, symbols.</string> <key>PasswordPolicy</key> <dict> <key>minLength</key> <string>9</string> <key>minLowerCase</key> <string>1</string> <key>minMatches</key> <string>3</string> <key>minNumber</key> <string>1</string> <key>minSymbol</key> <string>1</string> <key>minUpperCase</key> <string>1</string> </dict> <key>PersistExpiration</key> <true/> <key>RenewTickets</key> <string>1</string> <key>SecondsToRenew</key> <string>7200</string> <key>SelfServicePath</key> <string>/Applications/Self Service.app</string> <key>ShowHome</key> <string>0</string> <key>SignInWindowOnLaunch</key> <string>1</string> <key>Template</key> <string>User Auth</string> <key>UPCAlert</key> <true/> <key>UseKeychain</key> <true/> <key>Verbose</key> <string>0</string> <key>X509CA</key> <string>xxxxxxxx</string>
</dict>
</plist>

Labels:
0 Kudos
4 REPLIES 4

sam_g
Contributor
Contributor

Posted on ‎06-18-2018 07:55 AM

As I understand it, since you're using keychain authentication to keep passwords in sync, the user will still need to authenticate to NoMAD once to store their password in the keychain. If you didn't have that preference set, NoMAD would automatically get their kerberos ticket from AD and sign them in automatically.

0 Kudos

walt
Contributor III

Posted on ‎06-18-2018 06:24 PM

I think what you may be looking for is the NoMAD Launch Agent

https://nomad.menu/help/automatically-launching-nomad/

0 Kudos

galionschools
Contributor

Posted on ‎06-19-2018 04:53 AM

@float0n Is correct. We use NoMAD and with the keychain sync setup you'll need to enter credentials into the dialog box to save them. Additionally like @walt linked to we also force the launch of NoMAD using a launch agent so if it's ever closed either on purpose or not it will relaunch right away.

I don't think you're going to be able to automate the login process and even if you are I'm not sure it would work %100 of the time.

0 Kudos

dminnema
New Contributor

Posted on ‎06-20-2018 10:32 AM

It may be worth looking into NoMAD Login. I have seen that in their next release they hope that NoMAD Login and NoMAD can have a handshake and then the user only has to login once.

0 Kudos