Help

Smart Card Integration with Active Directory

Not applicable

Posted on ‎07-22-2011 05:10 AM

We're looking for a product which allows smart card integration with Active Directory on Macintosh (10.6 - 10.7). I'm currently evaluating Direct Control by Centrify. So far my experience hasn't been very good since it seems to break our Casper Image. For some strange reason the mobile profiles aren't built from the standard user template folder (FUT) so all of our customization is lost. Does anyone have recommends on Smart Card integration production for Macintosh's or had a better experience with Centrify's Direct Access?

Regards,
Matt

0 Kudos
Reply
2 REPLIES 2

jarednichols
Honored Contributor

Posted on ‎07-22-2011 05:10 AM

If you're talking exclusively on 10.7 here, mobile profiles on AD users is broken in the GM. Apple is aware. Unfortunately, this is a show-stopper for us.

j

0 Kudos
Reply

jarednichols
Honored Contributor

Posted on ‎07-22-2011 05:31 AM

+1

Shawn Geddis just posted (yesterday?) a long post about SmartCard services in 10.7 and why it's changing. Bottom line is that the existing crypto architecture has been deprecated in favor of a new architecture, CommonCrypto, that can be leveraged on both iOS and Desktop OS. CommonCrypto has already been submitted for FIPS 140-2 accreditation when it comes to iOS so FIPS for desktop OS shouldn't be far behind, one would figure.

j
---
Jared F. Nichols
Desktop Engineer, Client Services
Information Services Department
MIT Lincoln Laboratory
244 Wood Street
Lexington, Massachusetts 02420
781.981.5436

0 Kudos
Reply