Mac Thick Client Support Kerberos Auth
My work device is domain joined, I have a Kerberos TGT on my device, and it works just fine when I use my browser. Kerberos authentication then just works with our ADFS identity provider, and I log into Teams, Office 365, and a multitude of other SAML protected endpoints. No additional password required while I'm logged in and on network.
The Teams thick client however always prompts me for a username and password for our ADFS endpoint, in spite of being on network and logged in. It would be nice if the Teams thick client could leverage my kerberos authentication just like my browser does.
Is the Mac client also chromium based as the Linux client? If yes, it probably helps to add the cmdline option --auth-server-whitelist=.mydomain.com (including the leading dot).
Chris Souza commented
Is Kerberos auth now working with the latest release of Teams for Mac?
Andrius Bumbl commented
This is the key reason why Mac users in our company does not use Teams thick client. It really would be nice to have Kerberos support in Teams thick client for Mac.
Bruce Guidotti commented
We are getting ready to implement Smart Cards as the other commenter stated. Other than that, we use Kerberos auth and ADFS, and are prompted to choose our e-mail address (or enter it the first time), then get a second forms-based NTLM auth. Please support Kerberos auth with ADFS.
Particularly important for organizations with smart card logon, and no password.