Thursday, November 6, 2008

Macs to gain smart card-based login to Active Directory

Just like their Windows coworkers, Mac users in the enterprise will have more options to log into Windows Active Directory services using smart card technology. According to access-control management company Centrify support for smart card-based login will be available next month. A beta version is available now.

On Wednesday, Centrify announced the release of its DirectControl 4.2 for Mac OS X software as well as the card client software supports Common Access Cards (CAC) and Personal Identity Verification (PIV) cards as well as with other cards that support the Apple TokenD interface. Dubbed Centrify DirectControl for Mac OS X Smart Card edition, the software will cost $90 for a single copy.

DirectControl 4.2 will come with some new security policies, the company said.

Finder Lock is one of more than 200 Mac-specific Group Policies that Centrify has developed to help administer Macs from the same centralized administrative tools from which Windows computers are managed. Other policies added in this release include enforcement of a computer policy to require smart card login, a removal policy to either lock the screen or force a logout when the smart card is removed, and additional security controls.

Improved support for Active Directory policies is one of the Mac headaches for IT managers in the enterprise. Smart card login will improve user experience.

For example, longtime Mac connectivity vendor Group Logic (the maker of Mass Transit) last month released the results of a survey of 350 IT pros about Mac/Windows IT issues. Some 70 percent of the respondents said they currently had Macs in their companies and an additional 6 percent were planning to bring in Macs in the “near term.”

Here was the hot list of Mac integration issues from the survey:
  1. Adapting Active Directory policy to support Macs — 38 percent.
  2. Help desk calls from Mac users — 35 percent.
  3. Compatibility and/or data corruption issues — 27 percent.
  4. Lack of IT/file naming policy enforcement tools — 25 percent.
  5. Maintaining the full “Mac Experience” for their end-users — 24 percent.
Source:zdnet

No comments: