With the recent introduction of macOS® Catalina™, many IT admins are wondering about how the pending OS changes will affect how they can manage their Mac® fleets. A key consideration that’s driving this curiosity is specifically how they will manage macOS user access.
Let’s discuss some of the potential changes that may arise with macOS Catalina user management. First, however, let’s look at how IT admins have been managing macOS users as a whole before Catalina.
Managing Users in IT Organizations
User management is a critical part of the role of any IT admin or DevOps engineer. Provisioning, deprovisioning, and modifying user access to various IT resources is how IT admins help users leverage those resources to get their jobs done. User management is also a key component of identity security, that is, making sure only the right people can access critical resources so bad actors cannot slip in where they don’t belong.
Traditionally, most IT organizations have leveraged the on-prem identity provider, Microsoft® Active Directory® to manage their users. Active Directory (AD) works especially well for on-prem, Windows-based systems and infrastructure. The challenge, historically, has been using AD to manage user access to macOS devices.
macOS User Management with AD
As the IT landscape has continued to shift to non-Windows resources such as macOS and Linux® systems, AD has struggled. Add in web applications, cloud infrastructure, WiFi networks, and more, and IT admins have a major challenge on their hands.
For many organizations, macOS has become a core part of their IT infrastructure, and as such, users of the platform must be managed. Unfortunately, AD is simply not designed for Macs, and subsequently has a hard time managing Mac systems and their users. IT admins have either managed macOS user access manually or leveraged directory extensions, called identity bridges, to extend their Active Directory instance to Mac systems.
Changing macOS Management
Over the last few macOS releases, Apple has been dramatically changing their preferred model of managing access for macOS users. With the introduction of the Secure Token concept, Apple (Read more...)
*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Zach DeMeyer. Read the original post at: https://jumpcloud.com/blog/macos-catalina-user-management/