Understand what you will experience when logging in to a Mac via the Passport Login Window
- Logging in at the Passport Login Window with Mac Login
- Logging in at the Passport Login Window with Web Login
- Migrating Accounts
- Switching Languages at the Passport Login Window
- Password Changes using the Kandji Menu Bar
- Passport Password Sync Notifications
Passport is a feature in Kandji that allows logging into macOS computers using your organization's Identity Provider of choice. This means you don't need a separate password for your email and computer.
Logging in at the Passport Login Window with Mac Login
- At the Passport Login Window, you will be presented with the Mac Login window.
- In the username field, you must enter your full email address.
- Enter the password you use with your Idendity Provider into the password field.
- After a successful authentication, you will be logged into macOS.
Logging in at the Passport Login Window with Web Login
The example below features Passport with Okta Web Login. If you are not presented with a similiar prompt when you login, you can skip this section.
- You will be presented with the Web Login window for your specified Identity Provider at the Passport Login Window. This example uses Okta, but there could be one of several other Identity Providers in your tenant.
- If multi-factor authentication is enabled, you will be prompted to respond to the MFA prompt on a trusted device.
- After a successful MFA authentication, you will be prompted for your Identity Provider password one final time.
- After a successful authentication, you will be logged into macOS.
Migrating Accounts
After authenticating at the Passport Login Window, you may have a dialog for migrating a local user. This will essentially merge your local user with your Passport login. You will want to migrate your existing user if you want to be able to access all of the information stored in the local user when using Passport login.
- Select the Migrate my existing account radio button.
- Click Continue.
- Select the local user you would like to merge with your Passport login from the drop-down menu.
- Enter the password for your local user account.
- Click Continue.
- Click Merge Account.
Switching Languages at the Passport Login Window
You can configure specific language settings at the Passport Login Window. This is particularly useful if you are using a non-US standard keyboard.
Once selected, the keyboard layout will persist after restart.
- In the upper-right corner of the Passport Login Window, click the Keyboard icon.
- Select the specific language setting for the keyboard layout.
Password Changes using the Kandji Menu Bar
You can access the pre-defined password reset URL to initiate a password reset in your Identity Provider.
- Click on the Kandji Menu Bar icon.
- Select the gear, and pull down to Reset Password.
- The reset password URL should launch in a new window. You can then follow the steps to reset your Identity Provider password.
Passport Password Sync Notifications
When the option is set in the Passport Library Item to Securely store the user's password, every five minutes, Passport will perform a check against the Identity Provider to determine if the local password on the Mac matches the password set for your account in the Identity Provider.
If the option in the Passport Library Item is set to not securely store the user's password, password synchronization only occurs at each login.
