On June 6, Apple announced a new wave of beta operating systems for their device platforms, including macOS Ventura and iOS 16. Contained in these operating systems are a whole host of welcome improvements in the consumer-facing side of the platform, from Shared Family iPhoto Libraries to new Lock Screen enhancements, according to Joel Rennich, head of device identity, JumpCloud, and Tom Bridge, principal product manager, JumpCloud
JumpCloud is an U.S.-based enterprise software company headquartered in Denver, Colorado. Here’s a statement to Apple World Today from Rennick and Bridge regarding the benefits of macOS Ventura: End users are no doubt going to be delighted by these improvements in Apple’s workflows. Mac Admins in the Enterprise, however, should be positively ecstatic with the under the hood changes in these operating systems. There are two massive features that every Mac Admin should be excited about: Platform SSO and User Enrollment SSO.
Identity on macOS has long been a challenge for Mac Admins, with only the ability to bind the device to local Active Directory servers. As the world has moved past Active Directory’s monolithic on-premises architecture, toward a modern, cloud-based authentication solution, Mac Admins were stuck using old and fragile bindings to do increasingly difficult contortions. Worse, if your user forgot their Active Directory credential, you had to remove the AD binding and set it all up from scratch again. If you wanted to set things up without an AD binding, but then you needed to use a third party app like NoMAD to manage your Active Directory authentication, and the increased complexity wasn’t worth the aggravation for a lot of smaller organizations. It was a tough time to be a Mac Admin.
Beginning with macOS Big Sur and the release of Single Sign-On Extensions, there was a light at the end of the tunnel. Admins could set up one of these extensions to get an overlay of authentication with corporate identity solutions for Kerberos-based access to local resources. This was a welcome step, but it still wasn’t the same as delivering cloud-based authentication. Users still faced multiple trips through the various login windows to get the appropriate access to their company resources, and Mac Admins still had a fair amount of work to do to make sure it all worked right.
Thankfully, with the arrival of macOS Ventura later this year, it appears that Mac Admins may have a great way to unify all their identities in the cloud, through the use of Apple’s new Platform SSO technology, which JumpCloud is thrilled to see. As a unique provider of both Identity and Apple Mobile Device Management (MDM), JumpCloud is ready to embrace the future where Mac Admins need only manage one set of credentials for their users, and not fear their users being locked out of key resources with no way to recover them.
With Platform SSO, JumpCloud can serve as your Open Directory Platform, managing the identity at the core of your business, and delivering that identity to your end users without having to do a complex AD bind that can break at a moment’s notice, or without your users having to reauthenticate multiple times. As JumpCloud is not just your Directory for Identity, but your Directory for Devices, only JumpCloud can deliver both halves of the equation to power the future of Device Identity, where users only ever sign into their Macs with centralized, monitored credentials, from the FileVault 2 Login screen, all the way to their individual SSO apps.