Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Xcreds (7130) Does not deal well when the endpoint has an Entra ID Cloud Kerberos Ticket #257

Open
miawri opened this issue Aug 9, 2024 · 2 comments
Open

Xcreds (7130) Does not deal well when the endpoint has an Entra ID Cloud Kerberos Ticket #257

miawri opened this issue Aug 9, 2024 · 2 comments
Assignees
@twocanoes
Milestone
XCreds Future

Comments

@miawri
Copy link

miawri commented Aug 9, 2024

If PSSO with Secure Enclave is enabled, macOS receives a @KERBEROS.MICROSOFTONLINE.COM kerberos ticket.

This seems to affect any AD based kerberos ticket from being processed correctly by XCreds as the "AD Password Expires" is not populated when this cloud ticket is present.

Destroying the cloud ticket and re-running XCreds allows that field to be populated.
@davelebbing
Copy link
Collaborator

@twocanoes can you confirm if this is milestone XCreds 5 vs future? I will need some testing guidance for this.

@twocanoes
Copy link
Owner

@davelebbing we need to set up a MS PSSO environment to test, but i have had others report similar issues and we should be interoperable with PSSO.

@twocanoes twocanoes added this to the XCreds 5.1 milestone Oct 17, 2024
@davelebbing davelebbing modified the milestones: XCreds 5.1, XCreds Future Oct 22, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@twocanoes twocanoes

Labels
None yet
Projects
None yet
Milestone
XCreds Future
Development

No branches or pull requests
3 participants
@twocanoes @davelebbing @miawri