Posted on 09-10-2019 07:41 AM
what are you guys/gals doing with the 'secure token' popup ?
I don't have FV2 enabled and AD users are getting the popup, so we have them select 'bypass'.
i created a configuration profile, using the custom settings payload i added this .plist file (com.apple.MCX as preference domain
)
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>cachedaccounts.askForSecureTokenAuthBypass</key>
<true/>
</dict>
</plist>
Solved! Go to Solution.
Posted on 09-10-2019 08:49 AM
@tcandela Yes, this is all I have. We use this config profile for our Mac labs so that users logging in do not receive the SecureToken Prompt. It is working with the current build of macOS Mojave 10.14.6.
Posted on 09-10-2019 08:24 AM
Looks like you have the same thing as what is on my JSS. Do you have it set to Computer Level to apply the profile?
Posted on 09-10-2019 08:30 AM
@john-hsu yes i have it set at computer level. the computer is not filevaulted
from my understanding this secure token is not based on whether FV2 is enabled or not, it pops up either way.
is that all you have in that config profile is that single .plist?
is it working?
are all AD users who login for the first time not seeing the securetoken popup?
Posted on 09-10-2019 08:49 AM
@tcandela Yes, this is all I have. We use this config profile for our Mac labs so that users logging in do not receive the SecureToken Prompt. It is working with the current build of macOS Mojave 10.14.6.
2 weeks ago
If this config is removed from a machine with an AD account does the user get prompted? We still have a handful of users with this and are migrating to cloud and are gushy to remove it in case it causes a prompt.
Posted on 09-10-2019 08:57 AM
@john-hsu i applied it to a mac mini that is AD joined, waiting for a new user to login.
I logged in to the mac mini before applying the config profile (chose bypass), so i assume if i log back in I will not get the actual settings that the config profile sets.
Posted on 09-12-2019 09:59 AM
it works