I have been instructed by our InfoSec team that I need to configure NoMAD to communicate via SSL. I found the LDAPOverSSL key on the NoMAD site and set it to true, then added it to the existing Config Profile that I've been using.
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>ADDomain</key>
<string>company.com</string>
<key>GetHelpOptions</key>
<string>https://support.company.com/</string>
<key>GetHelpType</key>
<string>URL</string>
<key>KerberosRealm</key>
<string>COMPANY.COM</string>
<key>RenewTickets</key>
<string>1</string>
<key>SecondsToRenew</key>
<string>7200</string>
<key>SelfServicePath</key>
<string>/Applications/Self Service.app</string>
<key>ShowHome</key>
<string>0</string>
<key>Template</key>
<string>User Auth</string>
<key>UseKeychain</key>
<string>0</string>
<key>Verbose</key>
<string>0</string>
<key>LDAPOverSSL</key>
<boolean>true</boolean>
</dict>
</plist> I pushed it out and now when a Mac has the updated Config Profile, it doesn't report the password expiration at all. It only says "Password does not expire".
If I revert it back to the profile without LDAPOverSSL, it works just fine. I can't figure out why this is happening. What am I doing wrong?
