Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Directory Utility shows user properties are set by XCreds for non-cloud user accounts #280

Open
davelebbing opened this issue Oct 30, 2024 · 5 comments
Open

Directory Utility shows user properties are set by XCreds for non-cloud user accounts #280

davelebbing opened this issue Oct 30, 2024 · 5 comments
Assignees
@twocanoes

Comments

@davelebbing
Copy link
Collaborator

v5.1 build 4264

XCreds is settings values in Directory Utility for a local only user who signs in with the non-webview login screen. The XCreds menubar app considers these Directory Utility values to indicate that the user may be a cloud user who should be prompted to sign in because they do not have tokens. XCreds should not set these values for non-cloud users.

This issue can result in unexpected behavior for the shouldShowMenuBarSignInWithoutLoginWindowSignIn key.
@twocanoes
Copy link
Owner

please provide a sample profile and steps to replicate.

@davelebbing
Copy link
Collaborator Author

No profile is needed to replicate. On a clean installation of macOS, install any build of XCreds and log out. Then log back in as a local-only user and launch Directory Utility. In the Directory Editor tab, search for the current user. There will be an item called dsAttrTypeNative:xcreds_oidc_username.

I believe the issue is that XCreds should not be setting any values here for local-only users.

@twocanoes
Copy link
Owner

turns out that xcreds_oidc_username need so be set for ROPG to work. Do you remember what the issue is with shouldShowMenuBarSignInWithoutLoginWindowSignIn?

@twocanoes twocanoes removed their assignment Jan 21, 2025
@davelebbing
Copy link
Collaborator Author

davelebbing commented Feb 3, 2025
edited
Loading

The issue is that when shouldShowMenuBarSignInWithoutLoginWindowSignin is set to true, if a local-only user signs in from the username/password XCreds Login window, and then they launch the menubar app, they will be prompted to sign in because they are considered a cloud user because of the Directory Utility properties set.

CORRECTION: This will happen even if a brand new local only user signs in from the macOS login window and then launches the menubar app. The user is always asked to sign in even if they are not a cloud user and have not signed in using either type of XCreds login window.

@davelebbing davelebbing assigned twocanoes and unassigned davelebbing Feb 3, 2025
@davelebbing
Copy link
Collaborator Author

Further correction: the only bug to address is that if a non-cloud user signs in from the XCreds username/password login screen and shouldShowMenuBarSignInWithoutLoginWindowSignin is not set, when they launch the menubar app they will be prompted to sign in.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@twocanoes twocanoes

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@twocanoes @davelebbing