Our customers have really liked the authentication behaviour on Windows endpoints with Entra ID. They just select "Connect" and the tunnel is established (as long as CA policies don't require them to re-authenticate or the Force authentication knob is disabled in the SAML settings).

Now the customer is bringing in macOS devices that are Intune managed and Entra-joined (device status shows "compliant"), but with these endpoints the user needs to authenticate every time.

I believe this is not related to the primary refresh token, but to the differences between Win/macOS SAC. I noted that when using Entra auth on macOS, a separate module/engine is launched for the authentication dialogs, so that bit should somehow be able to cache the authenticated session. However, that doesn't seem to be the case.

Has anyone else run into a similar issue?

Resolving this would help us get the macOS devices closer to an always-on-VPN-like use case.
