[SmartcardServices-Users] More open directory smart card login fun
Simon Hartley
simon at thursby.com
Thu Aug 29 14:51:48 PDT 2013
John:
Regarding the Thursby mention — for network/domain single-sign-on AD with CAC/PIV, Thursby does not recommend PKard for Mac, instead ADmitMac PKI. ADmitMac PKI we launched back with 10.4, at the request of Apple and the US Army. We build, support and guarantee solutions in the US on OS X and iOS all the way to OS X 10.8 and iOS 6, as well as developer previews under beta. It’s a different use case / market need than Open Source Software / self-build / self-certify / self-support. Regards, Simon @ Thursby
On Aug 29, 2013, at 4:06 PM, John Daly <john.l.daly at navy.mil> wrote:
Greetings all,
I'm attempting to get smart card logins to work on my 10.6, 10.7, and 10.8
clients attached to a 10.6.8 Server with Open Directory. All users have a
network account, and we've been directed to engage smart card logins and
deny username/password logins.
I can get the local login to work using a combination of smartcardservices
from MacOSforge and Thursby's Pkard, but I have not been able to get it to
work with a directory account.
Yoann Gini has a great set of instructions and a modified sc_auth which I
tried. The sc_auth does put the smart card's hash into the Open Directory
account's Authentication Authority, but I still can't get the login window
to ask for a PIN if the account is on the directory.
Any ideas? Clues? Step by step instructions?
Thank you,
John
_______________________________________________
SmartcardServices-Users mailing list
SmartcardServices-Users at lists.macosforge.org
https://lists.macosforge.org/mailman/listinfo/smartcardservices-users
More information about the SmartcardServices-Users
mailing list