cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1160
Views
1
Helpful
3
Replies

Machine + User authentication in Mac OS

sameesin
Cisco Employee
Cisco Employee

Hi All,

I have a query regarding Machine + User Authentication in Mac OS.

Does both machine and User authentication work when I have both the machine and the user credentials in the AD. (Not certificate based, but the machine is part of the domain)

I have come across articles stating System and Login Window mode can actually work together but did not find any configuration guide to support this.

Any leads will be helpful.

1 Accepted Solution

Accepted Solutions

Dustin Anderson
Contributor
Contributor

This was from last year, but it looks like there is no way to get both credentials at once as Apple doesn't support the dual credentials.

https://communities.cisco.com/message/249489

View solution in original post

3 Replies 3

Dustin Anderson
Contributor
Contributor

This was from last year, but it looks like there is no way to get both credentials at once as Apple doesn't support the dual credentials.

https://communities.cisco.com/message/249489

Thanks for your input.
By at once, you mean like eap-chaining or for Apple devices, we can either do machine authentication or user authentication. I was wondering if we can use MAR if both are supported even if not as eap-chaining.

Dustin Anderson
Contributor
Contributor

Yes, it sounded like you can sue MAR to get the machine credential.

I use MAR in out setup, but don't have Macs, but should be the same.

The caveats I run into is people being docked, log in, then go wireless. Since the MAC changes, the system may not have the wireless MAC stored. I have our MAR database set to 30 days and this has kept this issue to a minimum.

It's a trade off, we originally did EAP-Chaining, but the AnyConnect NAM was too intrusive and windows made you uninstall it whenever there big updates went live.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: