![]()
If Per App VPN is used, the Kerberos SSO extension uses the Per App VPN only when the requesting app or website is configured to use it.ĭomain reachability: Use an LDAP Ping to the domain to request and then cache Active Directory site codes for the current network connection to the domain. VPN support: Supports many different network configurations including various VPN technologies such as Per App VPN. This information is used to provide password expiration notifications and request new credentials if the user has changed their password on another device. Password expiration: Requests password expiration information from the domain immediately after authenticating, after password changes, and periodically during the day. The extension also supports changing the Active Directory password when the authentication dialog is showing or using a URL to a separate website. The certificate identity can be on a CryptoTokenKit smart card, an MDM-supplied identity, or the local keychain. The Kerberos SSO extension features for iOS and iPadOS include the following:Īuthentication methods: Adds support for multiple different authentication methods including passwords and certificate identities (PKINIT). It doesn’t request Active Directory site codes or refresh a Kerberos Ticket Granting Ticket (TGT) until challenged. In iOS and iPadOS, the Kerberos SSO extension is activated only after receiving an HTTP 401 Negotiate challenge. Privacy Preferences Policy Control payload settings.Dynamic WEP, WPA Enterprise, and WPA2 Enterprise settings.Kernel Extension Policy payload settings.Extensible Single Sign-On Kerberos payload settings.Extensible Single Sign-On payload settings.Exchange Web Services (EWS) payload settings.Exchange ActiveSync (EAS) payload settings.Conference Room Display payload settings.Certificate Transparency payload settings.Certificate Revocation payload settings. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |