Languages

Valid Kerberos ticket not issued if using an 802.1x Login Window profile when FileVault 2 is enabled

If you install an 802.1x Login Window profile and also have FileVault 2 enabled, a valid Kerberos ticket will not be issued upon login. Instead, you will receive a ticket with an expiration date that is in the past.

If both a Login Window profile and FileVault 2 are required, you may use one of these methods to obtain a Kerberos ticket.

Disable automatic login

In OS X Mavericks and later, you can disable automatic login when using FileVault. This will cause you to obtain a Kerberos ticket when you log in via the Login Window.

Use the kinit method

The kinit command may be used to manually request a new ticket. In Terminal, execute the following command and enter your password when prompted:

kinit

Use Ticket Viewer method

You may also request a ticket using the Ticket Viewer application.

  1. Open Ticket Viewer, which is located at /System/Library/CoreServices/Ticket Viewer.
  2. Click the Add Identity button.
  3. Enter your identity and password, such as testuser@EXAMPLE.COM.
  4. Click Continue.
Last Modified: May 12, 2014
Helpful?
Yes
No
  • Last Modified: May 12, 2014
  • Article: HT200093
  • RADAR: 10821807 View >
  • Views:

    1023
  • Rating:
    • 20.0

    (1 Responses)

Additional Product Support Information

Start a Discussion
in Apple Support Communities
See all questions on this article See all questions I have asked