RE: [Fed-Talk] Identity Preference Tool for 10.4.x
RE: [Fed-Talk] Identity Preference Tool for 10.4.x
- Subject: RE: [Fed-Talk] Identity Preference Tool for 10.4.x
- From: "Arendt Christopher D 1st Lt AFIT/ENS" <email@hidden>
- Date: Mon, 26 Jan 2009 23:32:57 -0500
- Thread-topic: Identity Preference Tool for 10.4.x
All,
If that 10.4.x manual Identity Preferences tool is out there somewhere, I'd still like it.
In the mean time, I've developed a (complicated) work-around:
1. Use well-behaved secure server to generate automatic Identity Preference for CAC certificate (I used the AFPC secure site).
2. Duplicate login.keychain in ~/Library/Keychains that contains newly generated automatic Identity Preference for CAC certificate.
3. Open the duplicate copy of login.keychain in Keychain Access.
4. In Keychain Access, edit the URL of the duplicate login keychain's version of the automatically generated Identity Preference.
5. Drag (add) the edited version of the Identity Preference to the original login keychain.
The devil is in the details. You may need to generate a couple duplicates of the original login.keychain.
For my uses, I had to generate two (2) copies of the auto-generated Identity Preference for each secure server I wanted to visit:
The first copy, I edited the Identity Preference URL to https://secure.server.address
The next copy, I edited the Identity Preference URL to https://secure.server.address/
For some reason, for the sites I wanted, I needed both versions of the Identity Preference.
Or, at least, this was the method with which I could re-create my success.
Once completed, I'll post this work-around on my idisk:
http://idisk.mac.com/captarendt/Public?view=web
Good luck!
-Christopher D. Arendt, Capt, USAF
Master's Student
Air Force Institute of Technology
-----Original Message-----
From: fed-talk-bounces+christopher.arendt=email@hidden on behalf of Arendt Christopher D 1st Lt AFIT/ENS
Sent: Sun 1/25/2009 10:28 PM
To: email@hidden
Subject: [Fed-Talk] Identity Preference Tool for 10.4.x
The Air Force Institute of Technology is moving to a CAC-only log-in system, and I'm developing some tools and procedures to get our Mac users compliant with this new system.
I've managed to get compliance on all Macs running 10.5.x, but for Macs running 10.4.x, we need to be able to create some Identity Preferences for our web-based Cisco ASA VPN sites.
I read in the message below that Shawn Geddis has a tool for manually creating Identity Preferences in 10.4.x:
http://lists.apple.com/archives/Fed-talk/2007/Nov/msg00045.html
Does anyone know how I can get a copy of that tool?
Thank you.
-Christopher D. Arendt, Capt, USAF
Air Force Institute of Technology
Wright-Patterson Air Force Base
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden