Thursby's ADmitMac PKI was designed to do what you need. It provides PIV middleware supported by Thursby too. ADmitMac PKI can obtain CRL and trusted certificates from Active Directory and group policy as well, so it configures automatically and keeps your trust settings up to date.
Paul Nelson CTO Thursby Software Systems, Inc. On Mar 30, 2011, at 7:38 AM, Rowe, Walter wrote: Does anyone have OS X working with USAccess (PIV) cards against an Active Directory domain? I can bind an individual PIV card to an individual user on an individual OS X system using directory service commands. For an AD user logging into OS X, the mobile account has to be created on the OS X client before binding the PIV certificate to the user.
Can OS X query AD directly for the PIV certs and creds? Will OS X honor CRLs? What are others doing on OS X clients to meet HSPD-12?
-- Walter Rowe, System Hosting Enterprise Systems / OISM 301-975-2885
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
|