Earlier this year we took a big step towards improving customers’ experience with Apple devices by providing companies with the Microsoft Enterprise SSO plug-in for Apple devices. This plug-in enable...
Updated Aug 22, 2023
Version 1.0
Blog Post
Hi all,
does anyone know where to find information about TokenToUserMapping property and how to use it? I've been scratching my head for about a week now but was unable to find anything.
I'm referring to these settings:
I don't understand how we should deal with user accounts. When Entra/Azure AD user logs in to macOS with their account say:
mailto:email address removed for privacy reasons
macOS will create a local account – user.nameexample.com which is very confusing for users. If you reboot your Mac you won't be able to sign in if you try mailto:email address removed for privacy reasons – this account is simply not there and your Mac is not yet online.
The only way to sign in is to key in "user.nameexample.com"
I was hoping to use TokenToUserMapping MDM profile attribute and tried a dozen different options such as:
With and without {{ }} with and without USER.
Uppercase, lowercase... nothing works... so annoying 😞
Any help would be much appreciated.