Good Morning, If I wanted to have my Mac (or others) register their DNS name in Active Directory DNS, outside of setting DNS to accept unsecured registrations, how do we accomplish this on a Mac? Is this even possible? If there is a better forum for these types of questions, please let me know. Thanks, Blind

I have a notarized application that's embedding a lots of frameworks. When installed on Big Sur, it can be run normally as a local non admin user. When executed as Active Directory user however I'm getting the following error message: "The application with bundle ID x.y.z is running setugid(), which is not allowed. Exiting." I removed all calls to setegid and that sort, traced calls with dtruss and I'm pretty sure no privilege elevation is being done. Any help would be much appreciated.

Hello, we are trying to implement the Kerberos SSO extension for iOS App. Corresponding MDM Profile is registered in Blackberry UEM und pushed to iPad. Wenn we navigate to certain URL (for example with Safari),   public func beginAuthorization(with request: ASAuthorizationProviderExtensionAuthorizationRequest) method in our extension is being invoked. As far as we understand, we have to fill the appropriate authorization headers, but we do not know exactly what is being expected. We assume that we have to build headers with the help of GSS Framework, but we are not sure about this The documentation does not help us enough. Could you please give us a sample code for handling of beginAuthorization(...) that can be used in the SSO extension. Thank you in advance for help. Best Regards, Alexander Smoljar

We have a Hybrid iOS Application build on Cordova Plugin, and it worked with Old Kerberos SSO -credential based authentication. Recently, we have updated the New Kerberos based SSO by following the presentation ( https://developer.apple.com/videos/play/tech-talks/301/ ) . After which the hybrid app is not prompting for the HTTP response challenge, but it should support for the New Kerberos SSO – credential-based authentication. We could see the response header has the below attribute for SSO handshake challenge.   Www-Authenticate: Negotiate, Basic realm="IBM Security Access Manager for Web" But the auth prompt screen is not appearing, and connection is throwing with 401-unauthenticated response. Note : We can see this below prompt for Old Kerb -SSO but it’s not showing up after New Kerberos SSO. System Specification: XCode – 13 Cordova 6.2.0 iPad -15.0 Please let us know if any solution would solve this. Thanks