macOS Catalina SAML Authentication

Written by Zach DeMeyer on July 24, 2019

The announcement of macOS® 10.15, Catalina™, at this year’s WWDC has many an IT admin curious about the OS’s new capabilities. One such enhancement is macOS Catalina SAML authentication. Given that admins have often struggled with the management of Mac® systems and their users in corporate IT, the prospect of SAML integration is an intriguing one.

Mac Management in Traditional IT

Historically, Macs have often been regarded as the “other” system by IT organizations. More often than not, corporate environments have been dominated by Windows® machines, with other, more technically-bent admins favoring Linux® for servers and other engineering processes. Obviously, in a world that was dominated by Windows systems, it simply made sense to manage said systems using Windows-focused solutions, i.e. Microsoft® Active Directory® and SCCM.

Although it’s superb for Windows machines, when it comes to managing Mac users and their systems, Active Directory (AD) simply struggles, and as such, IT admins have struggled, too. Not only was it difficult to connect Mac systems to Active Directory to manage user access, but securing and configuring them was challenging as well. 

Mac management friction has only further reinforced Macs as the “other” system in the minds of IT admins, as they would either need to manually manage them, or purchase additional solutions on top of their existing AD infrastructure to improve their Mac management. These solutions include identity bridges or even a completely separate directory, sometimes in the form of Apple Open Directory or even OpenLDAP™. Of course, this increased the overhead for IT admins, both in work time and cost.

Modern Mac Management with Catalina

Today’s IT landscape is considerably different. More end users than ever favor Mac systems, especially on marketing/design teams, although Apple® products are also entering the hands of engineers and developers. But, with Open Directory quietly fading into the background, not to mention the sharp uptick in cloud-forward IT thinking as of late, IT organizations are once again wondering about an ideal Mac management tool.

Apple is keenly aware of this and, with macOS Catalina, has decided to make it easier for the average IT admin to manage Macs and their users. Specifically, Apple is putting more effort into its MDM (mobile device management) infrastructure and is now enabling users to be authenticated via the SAML protocol. By opening its gates to MDMs and SAML, Apple is more or less equipping admins to use tools they already have in play to manage their Mac systems.

Of course, this new authentication method is only half the battle; IT admins still need to have an identity provider, be able to authorize user permissions, and manage access control to other IT resources, like networks, server infrastructure, apps, etc. So, what solution should they use?

Mac SAML Authentication and More From the Cloud

JumpCloud Directory-as-a-Service is the world’s first cloud directory service, a reimagination of AD for virtually all of today’s IT resources. With JumpCloud, everyone is a first-class citizen, especially Macs. IT admins can use JumpCloud to manage their Mac systems either via traditional policy control or via SAML-based authentication.

But JumpCloud doesn’t just stop there. JumpCloud can authenticate and authorize access to other OS types (Windows and Linux), applications via SAML and LDAP, networks with RADIUS, and so much more. Regardless of end user choice of resource or their location, virtually everything can be managed and controlled for user access and system management via JumpCloud’s web-based admin console.

Try JumpCloud for Free

Whether you would like to use SAML authentication to authenticate users to macOS Catalina systems, or would like to take a different approach to Mac user/system/IT resource management, JumpCloud is sure to be a great fit for your organization. You can try everything the JumpCloud platform has to offer for up to ten users forever, at no cost to you whatsoever. Simply sign up for a JumpCloud account, and get started today.

Want to get your feet wet before jumping right in? You can contact us to learn more, including scheduling a live demo, or you can visit our blog to read more.

Zach DeMeyer

Zach is a Product Marketing Specialist at JumpCloud with a degree in Mechanical Engineering from the Colorado School of Mines. He loves being on the cutting edge of new technology, and when he's not working, he enjoys all things outdoors, music, and soccer.