macOS® Catalina™ Azure® AD Integration

Written by Zach DeMeyer on August 23, 2019

Among the many IT resources being used by today’s organizations, Mac® systems and Azure®, with its associated Azure Active Directory® (AD), are rising to the top of the list. With the new release of macOS® 10.15 Catalina™ coming this fall, many IT admins are wondering about the macOS Catalina Azure AD integration that is rumored to be included with the new OS. While nothing with Apple® can be definitive until the day the OS ships (or even a couple days after, for that matter), it does seem like Apple is making it easier for Macs to connect to Azure AD.

Mac and Windows®: A Bitter Feud

The concept of integrating Macs into the Windows ecosystem is one that has long been troublesome for IT admins, way before Azure was even a blip in the marketplace. If you’ve paid even the slightest attention to the personal computer market over the past two decades, the difficulty in making Macs and Windows systems play nicely makes a great deal of sense. Macs vs. Windows is one of the most iconic rivalries around, a la Coke vs. Pepsi, Red Sox vs. Yankees, etc.

This feud of operating systems has permeated into the identity management realm as well. Historically, Microsoft has dominated the identity management space with Active Directory®, their on-prem directory service. Of course, this was largely due to the fact that the vast majority of systems within an organization were Windows-based. As we’ve progressed deeper into the 21st century, the IT landscape has changed and shifted as macOS and Linux® machines have become much more popular. Unfortunately, managing them with AD is nothing short of a struggle for IT admins.

Taking a step back from systems, however, it’s far more than just Macs and Linux systems that AD is struggling with these days. The on-prem IT network has shifted to the cloud, with web applications and cloud infrastructure in use in most of today’s organizations. AD simply wasn’t designed for these innovations, so Microsoft needed a new solution.

Azure AD: AD from the Cloud?

With the rise of cloud infrastructure came Azure, Microsoft’s response to Amazon® Web Services (AWS®). Since entire user bases once managed in AD also needed an identity in the Azure cloud, Microsoft created a way to bridge said AD identities to Azure: Azure AD. The Azure AD suite propagates AD identities to Azure and Office 365™, and also includes limited single sign-on (SSO) abilities for a select few web applications.

After its onset, there were some who thought Azure AD would essentially be the cloud version of AD, but this is not the case. Azure AD still relies upon AD as the identity source of truth, which unfortunately means that it experiences similar limitations to AD regarding non-Windows endpoints.

macOS Catalina Azure AD Integration

In the announcement of their pending macOS release, Apple made it seem like Catalina will allow IT admins to authenticate macOS devices via Azure AD. At the moment, it’s unclear exactly which mechanisms Apple intends to use to do so. Apple has indicated that the new Macs will support SAML and perhaps even Kerberos (which would be more useful with Active Directory than Azure AD).

While it would be a step up to be able to authenticate Macs with Azure AD, it still leaves many problems for IT admins to solve, including how to provision and manage those user accounts on Macs, as well as system management over those Macs (think the equivalent of GPOs for Windows machines).

Additionally, many of today’s IT admins and DevOps engineers are leveraging non-Windows / non-Microsoft resources such as AWS, G Suite™, VPNs, web applications, WiFi networks, NAS appliances, and many more. All of these resources need to be tightly managed as well, but unfortunately, AD + Azure AD aren’t optimized to do so.

A Solution on the Horizon

Thankfully for IT admins of heterogeneous endpoint environments, there’s a solution that can pick up the slack for AD and Azure AD. This solution is a cloud directory service that can manage user identities and their access to virtually all IT resources from one centralized cloud admin console. Whether it be systems, networks, infrastructure, applications, file servers, or any combination thereof, this cloud directory service provides end users with a single set of secure credentials to access them all. 

All of this and more is available from JumpCloud® Directory-as-a-Service®. IT organizations can seamlessly integrate macOS Catalina systems, as well as their Azure AD identities, into JumpCloud. End users only need to leverage their single set of JumpCloud credentials to access them, along with the various other resources being managed by JumpCloud. Beyond that, admins can manage and automate security settings on macOS Catalina devices at scale using JumpCloud’s cross-platform Policies.

Try JumpCloud Today

If you are interested in macOS Catalina Azure AD integration, try JumpCloud today! By signing up for JumpCloud, you get full access to the Directory-as-a-Service product, with ten users available at your discretion for as long as you need them.

You can also schedule a free personalized demo to see JumpCloud in action before you try. If you have any questions about JumpCloud in general, please check out our blog to learn more, or just give us a call or send an email, and we will get back to you as soon as possible.

Zach DeMeyer

Zach is a Product Marketing Specialist at JumpCloud with a degree in Mechanical Engineering from the Colorado School of Mines. He loves being on the cutting edge of new technology, and when he's not working, he enjoys all things outdoors, music, and soccer.