By Greg Keller Posted January 27, 2017
There are two ways to create a user on macOS platforms. One way is to do so manually. The second is to leverage an automated solution such as Directory-as-a-Service®. In this blog post, we will focus on the automated user management path rather than the manual method.
Importance of Centrally Controlling macOS Users
There’s no denying that Macs are on the rise in the enterprise:
The ever-increasing popularity of Macs in the workplace means that managing users on your macOS devices is critical. Without having central control over users, IT admins lose control over Apple devices. That means, though a user has full control over the device, IT cannot deactivate credentials if a user leaves the company. IT can neither control what a user can do with their macOS device nor have fine-grained permissions for access.
For users, their device login is not in sync with the rest of their IT resources, which forces them to have multiple logins.
IT admins have always struggled with managing macOS devices.
While Microsoft Windows devices have had various tools to manage them, Apple Mac platforms have largely been out of luck. This is especially true when it comes to user management. Microsoft Active Directory® has historically been the central user management system for organizations.
The problem? The Windows-centric AD struggles with controlling access to Mac and Linux devices.
Significance of the Cross-Platform Environment
When it comes to macOS devices, Directory-as-a-Service is the centralized user management system of choice. A small and lightweight agent is placed on each macOS machine. The agent is the conduit from the SaaS-based directory service to provision, deprovision, and modify user access. Access is securely and remotely managed from a central, web-based console. The user’s credentials for their Mac can also be the same credentials that are used with G Suite or Microsoft Office 365.
In a sense, the user’s Mac credentials can also become their single sign-on identity to the rest of their IT resources. This is what used to be possible with all-Microsoft networks leveraging AD, but that concept of a domain login has largely faded away as the market has shifted to a cross-platform, mixed environment.
Simply Create a User on macOS via JumpCloud®
Automating macOS user creation is an important step for IT admins to centrally manage their environment.
The process with a cloud-hosted directory service is simple:
- A user is created in the central web console and then provisioned on their device and elsewhere.
- The user can be tagged with the groups that they are a part of and quickly granted access to those IT resources. With these capabilities, a user account can be created on devices, applications, and networks.
We also offer a short video demonstrating the Mac user management capabilities that are possible with JumpCloud: