Endpoint Services, macOS Single Sign-On (SSO) Extension, Getting Connected
A guide to setting up the native Single Sign-On extension on macOS.
University of Illinois faculty, staff, and students with the Single Sign-On Extension on their IT-managed Macs.
Apple's native single sign-on (SSO) extension helps keep Mac login passwords synced with the campus Active Directory, greatly reducing the incidence of keychain-related issues. Some campus IT Pros may choose to deploy the SSO extension to the Macs they manage. Because AD password syncing works only with local accounts, Apple recommends that existing mobile accounts be converted to local accounts. Mobile accounts using the SSO extension will still encounter keychain issues following campus password changes. Your unit IT Pro can assist with mobile-to-local account conversion.
Please note that macOS 10.15 (Catalina) is the earliest version of macOS on which the SSO extension is supported by Apple.
Initial setup of the SSO extension requires the Mac to be on the campus wired or wireless network, or connected to the campus VPN from an off-campus network.
- The first time you log in to the Mac after the SSO extension is installed, a sign-in dialogue will open automatically. Enter your netID in the Username field and your campus password in the Password field, and click the Sign In button.
Click Yes when asked if you would like to automatically sign in from now on.
A new dialogue will ask for your Active Directory and Mac passwords, to verify that they match.
If the passwords don't match, the extension will sync them by changing your Mac password to match your Active Directory password.
- Note: some mobile hot spots may prevent the SSO extension from connecting due to mobile carrier policy.
When you return from an offline or off-campus state to an on-campus state, the SSO extension should automatically reconnect, but if it does not, go to the key-shaped SSO icon in the top menu bar and select Reconnect.
After a campus password change, the SSO extension will notify you that you are signed in with incorrect credentials and prompt you for your current password.
The SSO menu offers a convenient Change Password menu option, which will open the NetID Center.
For questions about the SSO Extension, please consult your IT department.