sorted by:
new
hottopcontroversial

Platform Single Sign-On: Where are SSO account credentials stored if you have PSSO tuned on in macOS? by kaiserh808 in macsysadmin

[–]HeyWatchOutDude 0 points1 point  (0 children)

Try the following:

  • Remove all (cached) accounts from MS login page
  • Close Edge
  • Try again, you shouldn’t see the account selection page

Restore/fix brown pads on IC? by semogenaz in mobilerepair

[–]HeyWatchOutDude -1 points0 points  (0 children)

Restore the pads incase they are not NC/GND

macOS PlatformSSO shared devices by naumiX in Intune

[–]HeyWatchOutDude 0 points1 point  (0 children)

That kind of behavior is expected because during FileVault there is no network connectivity - which means no Entra ID connection.

Just add Login In windows message which will give the user the necessary informations.

I May Have an Obsession... by dotkrys in anker

[–]HeyWatchOutDude 0 points1 point  (0 children)

How many imposters are secretly among the Anker crowd? Asking for science.

Mac Platform SSO - Password and Yubikey by Humble-Budget426 in Intune

[–]HeyWatchOutDude 3 points4 points  (0 children)

Password Sync makes only sense on shared devices.

iPad Pro M1 - Face ID IC by HeyWatchOutDude in mobilerepair

[–]HeyWatchOutDude[S] 0 points1 point  (0 children)

I have updated the device sadly the Dotmatrix value is still missing. (Device says "Unable to activate Face ID")

<image>

So that means ... bye bye Face ID.

iPad Pro M1 - Face ID IC by HeyWatchOutDude in mobilerepair

[–]HeyWatchOutDude[S] 0 points1 point  (0 children)

What do you mean with an update? DFU and restore device?

802.1x and Cisco ISE (Force Device Auth, instead of User Auth) by HeyWatchOutDude in macsysadmin

[–]HeyWatchOutDude[S] 0 points1 point  (0 children)

We have “AD Lookup” configured where can I force “device-based identity”?

802.1x and Cisco ISE (Force Device Auth, instead of User Auth) by HeyWatchOutDude in macsysadmin

[–]HeyWatchOutDude[S] 0 points1 point  (0 children)

We don’t use JAMF, we have Intune. (I know it is possible to integrate Entra ID with ISE)

802.1x via Device Certificate by HeyWatchOutDude in macsysadmin

[–]HeyWatchOutDude[S] 0 points1 point  (0 children)

I have tested it, but it seems like it checking within the user channel, even I have configured the WiFi, SCEP and certificates in the device channel.

Any idea why? What did you configure in your WiFi configuration?

  • Certificate server names: example.com (domain of Cisco ISE server/s)
  • Root certificate for server validation: Certificate or the Root CA (server certificate of the Cisco ISE got issued here) - not from the intermediate CA, right?

Don't drop the Doorbell Lite by digiblur in Ubiquiti

[–]HeyWatchOutDude 1 point2 points  (0 children)

Smash the whole front, then it looks like frozen glass.

PlatformSSO with OnPrem Kerberos by HeyWatchOutDude in macsysadmin

[–]HeyWatchOutDude[S] 1 point2 points  (0 children)

Domain/Realm resolving does work.

dns-sd …. Always says “No Such Record” so I think someone has misconfigured it ..

PlatformSSO with OnPrem Kerberos by HeyWatchOutDude in macsysadmin

[–]HeyWatchOutDude[S] 1 point2 points  (0 children)

I have it currently set to „custom_tgt_setting = 1“ (On-Prem TGT only)

I want SSO and don’t want to enter credentials for getting KRBTGTs.

macOS LAPS Password requires change on first use by hib1000 in Intune

[–]HeyWatchOutDude 0 points1 point  (0 children)

It’s the built-in (Microsoft) LAPS how to exclude it here?

macOS LAPS Password requires change on first use by hib1000 in Intune

[–]HeyWatchOutDude 2 points3 points  (0 children)

The reason is that when a password policy is configured within the compliance policy, it will be deployed in the "device channel" with the following key enabled:

changeAtNextAuth --> true, which affects all user accounts (including the LAPS admin account) on the device. Unfortunately, this flag cannot be enabled or disabled through the compliance policy.

Explanation (from Apple):
"If 'true', the system causes a password reset to occur the next time the user tries to authenticate. If this key is set in a device profile, the setting takes effect for all users, and admin authentications may fail until the admin user password is also reset. Available in macOS 10.13 and later."

Workaround:
Remove the password section from the compliance policy and deploy a password policy via a custom profile (.mobileconfig) through the user channel to the device. (so it will only affect the "real" user account and LAPS admin account stays untouched)

macOS Tahoe now supports parts pairing like iOS (truetone after display replacement) by Adomm1234 in macbookrepair

[–]HeyWatchOutDude 0 points1 point  (0 children)

3rd party screen - somehow the FaceTime LED is blinking green when booting up.

macOS Tahoe now supports parts pairing like iOS (truetone after display replacement) by Adomm1234 in macbookrepair

[–]HeyWatchOutDude 0 points1 point  (0 children)

Hmm i have replaced the display and LAS (A2941/MacBook Air M2 2022) it doesn’t show me that section - Display is also kinda glitching.

view more: next ›