|
|
```markdown
|
|
|
# NoMAD Login AD
|
|
|
|
|
|
Hi everyone! You have found your way to the repo for **NoMAD Login AD**, or NoLoAD for short. This project can be seen as a companion to our other AD authentication product for macOS, [NoMAD](https://nomad.menu). You can use either one independently from each other, and both contain all the bits and pieces you need to talk to AD.
|
|
|
|
|
|
NoLoAD is a replacement login window for macOS 10.12 and higher. It allows you to login to a Mac using Active Directory accounts, without the need to bind the Mac to AD and suffer all the foibles that brings.
|
|
|
NoLoAD is a replacement login window for macOS 10.12 and higher. **(Currently there are known issues with 10.12)** It allows you to login to a Mac using Active Directory accounts, without the need to bind the Mac to AD and suffer all the foibles that brings.
|
|
|
|
|
|
## About this release
|
|
|
This is an early release of NoLoAD and is suitable for testing. It is not the feature complete version that will eventually ship, but right now it supports the core NoLoAD features.
|
... | ... | @@ -17,14 +18,14 @@ Please file any issues, or requested features, in the [project issue tracker](ht |
|
|
Getting started with NoLoAD is easy, but currently it takes a few steps. Be sure to have ssh enabled on your test Mac or VM so that you can still connect and revert to the Apple login window in case you run in to any issues.
|
|
|
|
|
|
### To install:
|
|
|
1. [Download the Preview 2 archive.](/uploads/7cc20af84afa353c9b8ee7b3cc7ed762/NoMAD_Login_AD_Preview_2.zip)
|
|
|
1. [Download the Preview 2 archive.](https://gitlab.com/macshome/NoMADLogin-AD/uploads/7cc20af84afa353c9b8ee7b3cc7ed762/NoMAD_Login_AD_Preview_2.zip)
|
|
|
2. Make sure that you have SSH enabled on your test Mac.
|
|
|
3. Make sure that you can login to your test Mac with SSH.
|
|
|
4. Copy the NoMADLoginAD.bundle to the /Library/Security/SecurityAgentPlugins folder.
|
|
|
|
|
|
Now we need to configure the AuthorizationDB so that the NoLoAD bundle will load at the login window. We've provided some scripts and templates to make this easy to do and easy to undo.
|
|
|
|
|
|
1. Open a Terminal window in the evaluate-mechanisms folder of the Preview 1 archive.
|
|
|
1. Open a Terminal window in the evaluate-mechanisms folder of the Preview 2 archive.
|
|
|
2. Run `sudo ./loadAD.bash` to load in the code bundle. All this script does is run the security command to load in the `console-ad-usercreate` file to AuthorizationDB.
|
|
|
|
|
|
Now you should be able to logout and find yourself staring at the majesty of NoMAD Login.
|
... | ... | @@ -40,10 +41,16 @@ When you decide that you've had enough it's easy to go back to the standard logi |
|
|
2. Run `sudo ./resetDB.bash` to reload the default `system.login.console` mechanisms into the AuthorizationDB.
|
|
|
3. If you've had to do this from a SSH session (Remember setting that up before?) you can them simply run `sudo killall loginwindow` in order to restart the login window to the defaults.
|
|
|
|
|
|
# Troubleshooting
|
|
|
You can find information on digging deeper into what went wrong on our [Troubleshooting](troubleshooting) page.
|
|
|
## What's new
|
|
|
* Now runs on macOS 10.12
|
|
|
* Intense debug logging can be enabled. ([See the wiki for details](https://gitlab.com/macshome/NoMADLogin-AD/wikis/Debug-Logging))
|
|
|
* UI tweaking
|
|
|
|
|
|
## Known issues
|
|
|
When logging in on 10.12, the first login for a newly created user may take a long time. Like several minutes long. We are working with Apple to understand why as it happens with users created with NoLoAD or System Preferences and it does not occur on 10.13.
|
|
|
|
|
|
# Thanks
|
|
|
Thanks to all of you for testing NoMAD Login AD! Please let us know about issues and features in the issue tracker. You can also find us on Slack in [nomad](https://macadmins.slack.com/messages/C1Y2Y14QG) and [nomad-login](https://macadmins.slack.com/messages/C88MFDLV8).
|
|
|
|
|
|
Happy testing! |
|
|
\ No newline at end of file |
|
|
Happy testing!
|
|
|
``` |
|
|
\ No newline at end of file |