![]() ![]()
To avoid reaching the unbound certificate limit, ensure that users use the unbound certificates already on the device before you attempt to obtain more certificates through enrollment. As a security precaution, Okta will not issue more than five unbound certificates to a given device. Okta can issue up to five unbound certificates to the device, one each time you perform the enrollment procedure. Per-device unbound certificate limit: A certificate becomes bound to a given user the first time that user accesses a device trust-secured application from a device trust-secured macOS device.To prevent end users from being prompted for consent when the certificate is used in the authentication flow, Okta allows the following apps. The webview in which authentication is performed must have access to the Okta Keychain on the device. Webview must have access to the device keychain: Device Trust for managed macOS computers works with any SAML/WS-Fed-enabled app that supports authentication through a webview. #JAMF PRO SUPPORT REGISTRATION#(Note: Be aware that disabling syncing blocks all keychain transfers.) See the Add the modified Okta Device Registration Task to Jamf Pro and distribute it to macOS devices. Prevent iCloud from transferring the Okta keychain to other Apple devices: To prevent iCloud from transferring the Okta keychain from DT-secured macOS devices to other Apple devices, Okta strongly recommends that you create a Configuration Profile in Jamf Pro that disables Allow iCloud Keychain syncing.However, it doesn't work with Microsoft Office thick client version 16.14 (build 180610). For information about securing Office 365 clients that use legacy protocols, see Office 365 Client Access Policies.ĭevice Trust isn't supported with all versions of Microsoft Office thick clients: This Device Trust solution has been tested to work with Microsoft Office thick client versions 16.13.1 and 16.15. For more information, see this Microsoft article. Modern Authentication required for securing Microsoft Office apps: To secure Microsoft Office apps with this Device Trust solution they must be enabled to support Modern Authentication.For this reason, it is recommended to issue certificates only to the devices that require access to secure resources. #JAMF PRO SUPPORT UPGRADE#
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |