Embed Size (px)
DESCRIPTION
PDF demonstrating Smartcard logon from Mac to Microsoft AD
Citation preview
Smartcard logon to AD from Mac
This is the screen without a card in the reader. Nothing is changed the user can work like he done before.
Put the card in to the reader witch changes the logon to the user in the “Microsoft logon certificate on the card” and a PIN dialog instead of password.
Enter the PIN and the logon to the AD begins. The logon is a standard PKINIT loggon with PKI to the AD KDC exactly the same as a Windows client will do.
Now the ”AD user” are logged in locally to the local AD user on the Mac and to the AD and can use all of the resources that the user are allowed to use, file shares, printers etc. And now it is possible to administrate the user and Mac client with AD Group Policy “GPO”.
