NoMAD 1.0.4

by | Apr 17, 2017 | NoMAD Releases | 0 comments

We’re excited to announce the release of NoMAD 1.0.4 today.

This release picks up a few bugs from 1.0.3, adds another localization, gives more options on how to display the password expiration countdown, and then implements a fairly comprehensive new set of password policies. You can find the complete list of issues here.

A few highlights:

  1. Password countdown – If you don’t want to see it, you can hide the password expiration countdown regardless of if the user’s password is set to expire in AD. You can do this via defaults write com.trusourcelabs.NoMAD HideExpiration 1. On the other hand… if you want to see the countdown more often, you can set that as well so that NoMAD will keep the countdown in the menu bar even if the user is not logged into AD. You can set this by defaults write com.trusourcelabs.NoMAD PersistExpiration 1.
  2. UI changes – You can now close all windows with cmd-W, we’d not even realized we weren’t doing that. Now it’s fixed. Also there’s a spinner that shows up when you’re logging in or changing your password. This give the user some better feedback that something’s going on under the covers.
  3. Spaces in names – You may not have realized, but NoMAD supports users with a space in their short name. I didn’t realize that AD even allowed that, but it does… Now NoMAD supports spaces in the home share as well.
  4. Prompting users to sign in – NoMAD can now put up a Sign In window after launch as soon as the domain is reachable and a user isn’t already signed in. You can use this for prompting your users to sign in after logging into their Mac. Enable this with defaults write com.trusourcelabs.NoMAD SignInWindowOnLaunch 1.
  5. Ignoring password sync – It’s possible to want NoMAD to sync the AD password down onto the local user, but not want that all the time. Now you have two ways of doing this. First you can use the alternative Sign In, by holding down control-option when clicking the NoMAD menu. When signing in this way, no synchronization will be done. You can then sign out, and the original Kerberos credential will be intact. Secondly you can tell NoMAD to only sync passwords when the AD name matches the local user name. Enable this with defaults write com.trusourcelabs.NoMAD LocalPasswordSyncOnMatchOnly 1.
  6. Password policies – This is probably the biggest new feature of 1.0.4. You can now tell NoMAD what your AD password policy is and NoMAD will ensure that’s met before allowing the user to change their password. You can set this policy by defaults write com.trusourcelabs.NoMAD PasswordPolicy -dict minLength 6 minUpperCase 2 minLowerCase 2 minNumber 2 minSymbol 1 and then the user will get red and green dots next to the passwords in the Change Password window.Screen Shot 2017-04-16 at 9.17.24 PMMousing over the colors will then tell the user exactly what part of the policy the password is not meeting. The Change Password button will only be enabled when the password meets the policy. In addition NoMAD will now ensure the new password can actually be set locally, if you have password syncing enabled, and alert the user that the password isn’t compliant.

We’ve also updated the list of preference keys for all of the new 1.0.4 versions.

Keep the feature requests coming, and we’ll keep making NoMAD better!