What is the state of the Active Directory in macOS Golden Gate. We've had issues in both Tahoe and Sequoia like login timeouts with OpenDirectory/ActiveDirectory, UID collisions between usernames, etc.
We still need it for lab logins. If I missed something and there is a new way for students to login and logout easily on lab workstations that doesn't involve AD, I'd be all for it.
Platform SSO and other auth methods are great for faculty and staff but labs are another story. So I'm curious what will be the best practice going forward.
Thanks for the questions!
Microsoft themselves has created and generally recommends their own modern replacement for direct Active Directory binding using the Platform SSO framework, which they ship an extension supporting it as part of their Company Portal product.
For multi-user device usage on macOS, we view Platform SSO as the future of user management and authentication in this space.
That being said, macOS Golden Gate does continue to support the existing Active Directory binding technology that macOS has had all this time.
If you're experiencing issues with Active Directory binding, we'd encourage you to open an AppleCare OS Support agreement case where we can work in-depth to provide formal support for what seems to be going on in your environment.
If you don't have an AppleCare OS Support agreement - while it's not a direct OS support product, you could still (and should) file a Feedback via Feedback Assistant with any sysdiagnoses captured from devices experiencing problems (ideally captured shortly after the problem appears).
Separately from this, you mentioned that Platform SSO is "great for faculty and staff but labs are another story".
This sounds like there are gaps or missing features in the technology which would allow your organization to adopt its usage. If that's the case, we'd also separately recommend that you file a Feedback with those details about what's missing / not working (and if they're errors while attempting to use it, please include sysdiagnoses captured from those devices in the filing!) - and separately, we would encourage that you reach out to Microsoft product support themselves and let them know directly about your experience with Company Portal and their Platform SSO product so that both of our companies can look together at what's going on in your situation.
If you have existing AppleCare cases or Feedbacks in this space already, please do mention their FB# or AppleCare case numbers (no titles) in this thread. Thank you for the feedback! 👍
