Posted November 28, 2024

Our customers have really liked the authentication behaviour on Windows endpoints with Entra ID. They just select "Connect" and the tunnel is established (as long as CA policies don't require them to re-authenticate or the Force authentication knob is disabled in the SAML settings). Now the customer is bringing in macOS devices that are Intune managed and Entra-joined (device status shows "compliant"), but with these endpoints the user needs to authenticate every time. I believe this is not related to the primary refresh token, but to the differences between Win/macOS SAC. I noted that when using Entra auth on macOS, a separate module/engine is launched for the authentication dialogs, so that bit should somehow be able to cache the authenticated session. However, that doesn't seem to be the case. Has anyone else run into a similar issue? Resolving this would help us get the macOS devices closer to an always-on VPN-like use case.