Frequently asked questions about the Authenticator for Apple


Frequently Asked Questions – Authenticator for Apple

1. What does Authenticator for Apple do?

Authenticator for Apple authenticates users to the R3000 Internet Filter. The authentication process uses the credentials used to authenticate to existing directory services and is thus invisible to the end user.

 2. How is Authenticator for Apple deployed?

 Authenticator for Apple should be deployed to the desktop using Apple Remote Desktop, or a similar tool.

3. Can Authenticator for Apple be deployed using a login script like the Authenticator for Windows? 

The short answer is yes. However, this deployment model is not recommended, as in our own testing we found the complete execution of login scripts (when available) on the Apple workstations to occur much less than 100% of the time.

4. What OS is supported? 

10.5 is fully tested and supported, 10.4 compatibility is assumed, but has not been fully tested.

5. Are the plans to support 10.3 or earlier versions? 

There are no plans to support legacy 10.3 or earlier versions.

6. What Apple hardware platforms are supported? 

Only the Intel chipset platforms are supported. There is no support for PowerPC hardware platforms.

7. Are there plans to support the PowerPC platforms in the future? 

There are no plans to support the legacy PowerPC platforms.

8. How much hard disk space does the Authenticator for Apple use?

 Approximately 143k.

9. How much memory is used by the Authenticator for Apple when it is running? 

Approximately 1.5MB.

10. How does Authenticator for Apple work?

Authenticator for Apple comes with a configuration kit that allows the administrator to configure the mobile client for his/her network (i.e. identifying the IP of the R3000 etc.) Once complete a deployable software package is available, and should be deployed to the workstations using Apple Remote Desktop or a similar tool.

Apple for Authenticator runs at system startup. It will poll the directory services system on the workstation (this is the same information available via the dscl command.) Once the login information is obtained, this information will be sent to the R3000 authentication that user, and setting the appropriate profile for Internet access.

A heartbeat is sent to the R3000 in order to ensure that the profile remains active.

The Authenticator for Apple will also monitor the network interfaces. In the event that the physical interfaced used is changes (i.e. wired to wireless) or the IP address changes (i.e. DHCP release and renew) the Authenticator for Apple will update the R3000 with new login information insuring that the user remains logged in regardless of what happens with their connectivity.

When a user logs off, a logoff event is sent to the R3000.

11. Can a user log into multiple workstations with the same username?

Yes, each workstation will receive the Internet access policy assigned to that user.

12. Can I install Authenticator for Apple on an image and deploy that image on several workstations?

Yes.


Last Modified 4/29/2009.
https://support.trustwave.com/kb/KnowledgebaseArticle12710.aspx