#!/bin/bash#Determine PSSO status of current console user logged in at
time of recon#Get current user logged in to devicecurrentUser=$(
/usr/sbin/scutil <<< "show State:/Users/ConsoleUser" | /usr/bin/awk -F':
' '/[[:space:]]+Name[[:space:]]:/ { if ( ...
Configure Kerberos SSO for Microsoft Entra Platform Single Sign-On
Reference:
https://learn.microsoft.com/en-us/entra/identity/devices/device-join-macos-platform-single-sign-on-kerberos-configuration
The native Kerberos Single Sign-On (Kerberos SSO) ...
Updated 9 OCT 2024: NOTE: Okta Verify appears to have rolled back to
9.23.0 as the official release which is working in macOS 18.1 beta 6.
iOS SSOe support appears to be working in 9.24.1 with iOS 18.1 beta 6.
Limitations and Requirements Apple has m...
As I'm writing articles, I'll update this page with the latest articles:
Updated 23SEPT2024 What is Platform Single Sign-On - An overview of the
technology and how it works
https://community.jamf.com/t5/jamf-pro/what-is-platform-single-sign-on/td-p/3...
Troubleshooting steps Extensive trouble shooting steps are available
from Microsoft at:
https://learn.microsoft.com/en-us/entra/identity/devices/troubleshoot-mac-sso-extension-plugin
Removing PSSOe from a user account To force an update to a user acc...
You could, I guess? But most likely you want to enable the cloud
kerberos connection with microsoft to get a real on-prem ticket which is
what all of your on-prem resources like file shares would use.
Do people receive an alert: Nope. In fact, it is possible a user may
need to change their password if expired on a second device before
getting into the Mac. If you're enforcing passwords and there's a
network connection, you could lock users out of ...
This is specific to the Microsoft Entra ID implementation of PSSO and
even more specific than that, using the "Secure Enclave key"
authentication mode. In this specific mode, think of PSSO as an upgrade
to SSO you're using right now. Instead of a sec...
The man, the myth, the mohawk. Senior Consulting Engineer, Identity and Access Management. Often seen in an Airstream trailer performing extreme social distancing. Offers a strict SaaS model for delivery - Sarcasm as a Service.
