[MacTUG] Question regarding Account provisioning

Kate Wood kate.wood at uwaterloo.ca
Mon Jan 8 11:24:07 EST 2024 

I believe we tie the machine to our Apple ID during setup, so that we don’t have problems regaining control of the device if the user leaves without properly handing the device over.

--
Kate Wood, MSc.
Manager, Client Services
Computing Facility, Faculty of Science
Physics 2004 (by appointment)
519 888 4567 x45973 (Teams is better)
[A picture containing graphical user interface  Description automatically generated]

From: MacTUG <mactug-bounces at lists.uwaterloo.ca> On Behalf Of Brent Blayney
Sent: Monday, January 8, 2024 11:20 AM
To: Shivam Patel <s545patel at uwaterloo.ca>; mactug at lists.uwaterloo.ca
Subject: Re: [MacTUG] Question regarding Account provisioning

Reusing the email address is fine, but Apple won’t let you use the same password for the computer as you do for your Apple ID.  So for Nexus joined Macs, it’ll be important that the user not use their WatIAM password for their Apple ID.  The Mac will prompt them to change the OS password and that’ll collide with Sailpoint and break stuff.  I’ve seen this happen enough times that I actually warn the user in advance of delivering the Mac – you’d be amazed at the number of people who are reusing their WatIAM passwords for other services.

We do create a local account for us to manage the machines and generally make the end-user an admin and create a SecureToken for them.

Brent Blayney, BA (he/him)
Information Technology Specialist
Faculty of Science
University of Waterloo
Physics 2006
519-888-4567 x40648
[Shape  Description automatically generated with medium confidence]



From: MacTUG <mactug-bounces at lists.uwaterloo.ca<mailto:mactug-bounces at lists.uwaterloo.ca>> on behalf of Shivam Patel <s545pate at uwaterloo.ca<mailto:s545pate at uwaterloo.ca>>
Date: Monday, January 8, 2024 at 11:10 AM
To: mactug at lists.uwaterloo.ca<mailto:mactug at lists.uwaterloo.ca> <mactug at lists.uwaterloo.ca<mailto:mactug at lists.uwaterloo.ca>>
Subject: [MacTUG] Question regarding Account provisioning
Hey all,

Just curious what naming convention you all are using for local accounts on the Mac Devices you manage. Do users that own these devices use their WatIAM email’s for their Apple ID’s? Also from an administration perspective, do you also create a secondary local “IT Administration” account for administrators to access the machine?


Regards,
Shiv
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.uwaterloo.ca/pipermail/mactug/attachments/20240108/274cbe07/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image003.png
Type: image/png
Size: 11994 bytes
Desc: image003.png
URL: <http://lists.uwaterloo.ca/pipermail/mactug/attachments/20240108/274cbe07/attachment-0001.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.jpg
Type: image/jpeg
Size: 3766 bytes
Desc: image001.jpg
URL: <http://lists.uwaterloo.ca/pipermail/mactug/attachments/20240108/274cbe07/attachment-0001.jpg>

More information about the MacTUG mailing list