Mac OS X: Ever wanted to integrate your Macs in a Active Directory environment with Two-factor authentication (Part 1)?

Simple AD Integration using knowledge as authentication key, is for some data to protect not enough. So if you want to raise the bar you add ownership (Smartcard, USB Dongle, e.g.) to the knowledge only authentication system.

So first stone on your way if you use Snow Leopard, you have to be aware that the Directory Utility has been moved from the Utility folder to Core Services. /System/Library/CoreServices/

Then you might want to enable the smart card login feature of Mac OS X using Apple’s nice walk-trough

If can not get you Smart Card based solution running using Apple’s on board tools, you might consider using Centrify’s active directory Implementation:

If you are still unsure what you really need, there is a very good post about alternative authentication methods for Mac OS X from Ryan Faas @peachpit

Of course you might ran in some problems and traps, to prevent you from going wild, there are some ongoing discussions at the Apple Boards:

Related Posts

Fix Unknown User ACL


January 23, 2008

Mac OS X

No Comment

Log in as an administrator. Open Terminal (in /Applications/Utilities). Type the following commands, each on a single line and followed by Return (enter an admin password when prompted): sudo dscl . create /Groups/username GroupMembership username sudo dscl . change /Groups/username RecordName username _username Replace the italicized “username” with your account username (which is also the […]

Read More

Terminal: Dealing with Immutable Files and Folders

If you have followed all the advice in the Knowledge Base articles “Mac OS X: About Trash, Deleting Locked Files – Article ID:106272” and “Mac OS X: Troubleshooting Permissions Issues” and are still unable to empty the Trash, or move an item to the Trash, you may have an immutable flag set on one of […]

Read More

Leave a Reply


  • An error has occurred, which probably means the feed is down. Try again later.