cancel
Showing results for 
Search instead for 
Did you mean: 
afereday
Level 7

Problems authenticating Apple products against AD

Has anyone had any success of have any advice for getting Apple products to authenticate against AD in web gateway.   We have ongoing problems with IOS and OS X.

We can get the user to auth and the apple device will cache the creds for a while.  It appears that fairly randomly (about every 30 mins) the device will flush the cache forcing the user to auth again.  Also it would be nice if we could somehow determine a device is an apple device and apply different rules.  The Agent string is too unpredictable as it's easily spoofed and each app could present itself as something different. 

It's a bit of an open ended question but has anyone got any experience or advice on managing this?

0 Kudos
5 Replies
lubomir_cerny
Level 12

Re: Problems authenticating Apple products against AD

I am not sure why this cache flush occures and I have no Apple device in our MWG lan.

Maybe you can use PDStorage to store auth. token for IP-user pair and bypass proxy authentication for specified time. This should lead to no auth needed at all for specified time.

There is little example how to use PDStorage feature at Online Library: https://contentsecurity.mcafee.com/ruleset_library/dl?type=package&rule_id=50041

Hope this helps.

eL.

0 Kudos
yuems
Level 11

Re: Problems authenticating Apple products against AD

Hi,

We use MWG with IOS clients.
Did you use Manuel proxy settings? We use Manuel proxy settins and everthing works fine.

http://www.amsys.co.uk/wordpress/wp-content/uploads/proxyserveriOS-stepfour.png

0 Kudos
McAfee Employee

Re: Problems authenticating Apple products against AD

That's the right way to go. Safari will not necessarily carry the auth info between sessions. And will forget the info as it essentially will go to sleep in between usage and will clear some cache and thus you'll need to re-auth.

The method yuems describes it he way to solve that, but be aware that it might well be that this is basic auth only.

thanks,

Michael

0 Kudos
Troja
Level 14

Re: Problems authenticating Apple products against AD

Hi Michael,

how about MCP for MAC? :-)

Cheers,

Thorsten

0 Kudos
sunbury
Level 7

Re: Problems authenticating Apple products against AD

We use a product called Centrify on our Macs and Kerberos authentication for them on the MWG.  Users login using their AD credentials and don't have to login to the MWGs.

They have a product for the iPads but only through the mobile management suite.

0 Kudos