Mosyle Auth for Login Screen Window on macOS
- From the Dashboard, navigate to “Organization” from the menu at the bottom, scroll down and select “Single Sign-On”.
- Click on “Add new profile” to configure the SSO.
- To continue configuring this profile, enter the Profile Name and select the option "Mosyle Auth for macOS" from the dropdown menu so end-users will be able to log into the Mac computers through a Login Window using the same credentials from the IdP service.
Important note: Mosyle Auth for macOS (Login Window) only works on macOS 10.12 or later (macOS Sierra).
- Next, select the Identity Service from the dropdown menu: Microsoft, Google, ADFS, Active Directory (LDAP) or On-Premises Active Directory.
The On-Premises Active Directory is only available for Mosyle Auth. You can select to auto-sync the password on Mosyle Auth when using On-Premises Active Directory as the Identity Service. To configure this option, just enable the checkbox next to this option when configuring the Single Sign-On profile within Mosyle Business. If you select Google or Microsoft as the Identity Service combined with the Mosyle Auth for macOS (Login Window), you’ll need to select who will be able to authenticate on the macOS. You can choose to allow only user email addresses previously registered on Mosyle, or enter the specific domains of your educational institution, allowing all the emails from this domain to authenticate on devices.
Important note: When selecting an Active Directory Identity Service, you must select the Active Directory integration. If you didn’t configure the Active Directory integration, navigate to “Active Directory” and follow the steps to complete this integration.
- Finally, configure the profile assignment by selecting what users and/or devices will receive this profile.
Important note: To use Mosyle Auth during Automated Device Enrollment and replace the Login Window with Mosyle Auth, you must check the options "Skip creation of local user" and "Create additional local admin during Automated Device Enrollment" on the Automated Device Enrollment profile.