Skip to end of metadata
Go to start of metadata

eApple's macOS Single Sign-on extension allows for seamless account integration between the Mac and VCU's Active Directory infrastructure. This integration is necessary in order to maintain security, reliably access network resources, and allow your eID to be used on the Mac. 

What's was the problem?

In the past - SOMTech configures each Mac to be bound to VCU's Active Directory. Because of this, users have what are called "Mobile accounts" instead of the traditional "Local account" that you would have if this were a personal computer. While this does allow SOMTech to maintain security and also utilize eID accounts on Macs - there are some downfalls with features and reliability. 

For instance - when you change your eID password and have a Mac that is encrypted with FileVault2, the password will not automatically be updated after you've reset it on VCU's website. There are some extra steps required, and if not done correctly or in a timely manner,  can cause serious disruption or downtime. 

What's new?

With Apple's new Single Sign-on extension - we can utilize Local accounts instead of Mobile accounts. This allows for your eID password and Mac password to be almost seamlessly in sync. On a managerial level, it is easier to make changes to Local accounts, and also to troubleshoot if there are problems, than it is for Mobile accounts. 

How it works 

New Mac, First login

When you sign in to your account for the first time - a window will appear and request you to enter your VCU eID information.

NOTE: If you are OFFSITE and logging in for the first time - you must connect to RAMS VPN in order to continue.

     Ignore the Options dropdown as it is currently unsupported.

[View Image] [View Image]

NOTE: You will be asked if you wish to turn on Automatic Login. No matter your choice, this option is currently disabled. Unfortunately, we don't yet have a way of disabling this prompt. 

[View Image]

Next - you will be prompted to verify both your eID password and also the password you use to currently logon to the Mac.

NOTE: If this is your first time logging onto the Mac, use the temporary password provided by SOMTech.

[View Image]

Afterwards - it will make sure that the password used to logon to the Mac now matches your eID password. 

[View Image]

Resetting your eID password

Your eID password must be changed annually. Typically, you will receive email alerts notifying you that the password is set to expire about 14 days in advance.

If you would like to reset your VCU eID password: 

  1. Click on the SSO icon in the Menu Bar, choose Change Password.
    [View Image]
  2. This will take you to https://myeid.vcu.edu where you can reset your password. 
    [View Image]
    [View Image]
  3. Change your password.

    Updating the Mac's password to reflect the new eID password

    The next time the Mac detects a change in network (e.g. logging into RAMS VPN) then it will ask you to enter your eID and Mac passwords in order to ensure they're synced.

  4. Connect to RAMS VPN (more info)
    [View Image]
  5. You should receive a prompt asking you to enter your eID and password

    [View Image] [View Image]

    NOTE: You will be asked if you wish to turn on Automatic Login. No matter your choice, this option is currently disabled. Unfortunately, we don't yet have a way of disabling this prompt. 

    [View Image]

  6. Next - you will be prompted to verify both your eID password and also the password you use to currently logon to the Mac.

    [View Image]

  7. Afterwards - it will make sure that the password used to logon to the Mac now matches your eID password. 

    [View Image]

FAQ

Q: I updated my eID password but do not know the password for my Mac?

A: Contact SOMTech or submit a ticket. SOMTech can reset the account and provide a temporary password so that you can login and sync your passwords.


Q: I'm on the VCU Technology Website but cannot login or reset my password?

A: Call the IT Support Center (828-6447), they will assist with resetting the password over the phone.


Q: I am entering my new eID password and old Mac password but they are not syncing?

A: Contact SOMTech or submit a ticket. SOMTech will review the account to make sure there is not a secondary issue causing conflict. 


Q: I updated my eID password but am not being prompted, on my Mac, to enter my new credentials and sync passwords?

A: Currently, connecting to RAMS VPN is the best way to trigger the password check. If you are connected to VPN and still not receiving the request, contact SOMTech or submit a ticket and we can troubleshoot further.


Q: Under the SSO icon, it reports that my password does not expire?

A: This is a bug and is not accurate. Your VCU eID password expires annually. We hope to resolve this in future builds.




  • No labels
{"serverDuration": 124, "requestCorrelationId": "78009185b87b5d26"}View graphic version