9 Dec
2013
9 Dec
'13
5:55 p.m.
Le 9 déc. 2013 à 18:33, Daly, John CIV NAVAIR, 4L6200D <john.l.daly@navy.mil> a écrit :
my quest to enable CAC for all my users continues. Until I can get PKI-INIT to work with Open Directory, I'm simply adding the user's pubkeyhash to their account, following Yoann Gini's directions. I've noticed that the CAC doesn't unlock the user's login keychain when logging in.
When using pubkeyhash, I’ve just set my login keychain to use my PIN code as password, without any command line, just using the password modification tool in Keychain Access. PS: I’m also working on PKINIT with AD at this time, impossible to make it work without Centrify / Thursby.