NoMAD Pro 1.2

We’re excited to announce the biggest update to NoMAD Pro since it was released!

NoMAD Pro 1.2 is primarily new features and a few bug fixes. If you’re currently running version 1.1, there is no immediate need to update.

New Features

  • Ability to set a logo for the Sign In window.
  • Change Password menu item that will either change the password via Kerberos, if configured, take the user to their Okta dashboard page, or change it via another method of your choosing. When changing via Kerberos the user’s AD password complexity requirements will be pulled live from AD.
  • Support for Yubikey OTP as an MFA type.
  • LastSignIn time written out to the preferences noting the last successful Okta sign in.
  • Actions menu to allow you to extend the menu to any and all actions you want.
  • New URI action – nomadpro://gettickets will have NoMAD Pro silently go through the Kerberos ticket retrieval process.

Bug Fixes

  • Better handing of Kerberos tickets.
  • Reworked the certificate retrieval process to be more dependable.


You can get the last licensed version here. And the latest trial version here.

New look, same address

We’ve now added the full NoMAD family to the webpage and made it much easier to understand the differences between the products. All of the help pages and all of the links you may have been using should still all go to the same paces, although we will be moving the entire help section in the future as we create separate landing pages for each product.

NoMAD 1.1.4 Released!

NoMAD 1.1.4


Overall, a mix of small tweaks, some bug fixes in particular to automatic cert generation and keychain item handling. If you’re using NoMAD to pull certs, this would be a good update to do, otherwise most of the other changes are more minor.


Most of the changes are non-UI based. The biggest impact to the users may be the icon change when clicking on the icon as we use the dark icon to invert when clicked on. If you’re using custom icons, make sure you’ve set a the dark ones as well to allow for this inversion.

We hope to address our longest running issue, the lack of a Kerberos domain being set, when attempting to change a password for the first time. With 1.1.4 we will now write out a preference file to ~/Library/ with your AD domain as soon as NoMAD is launched for the first time.

An additional long-running issue is also addressed in that using the TitleSignIn key will work more consistently.

As mentioned above, if you’re using NoMAD to automatically pull certs, this would be a good update to install as a number of issues have been fixed.

Change Log

– fix for Sign In window not fully displaying
– About menu now in menu
– icon now alternates when clicking on the NoMAD icon in the menu bar
– icon alternates correctly when in dark mode
– Kerberos preferences written out on first launch to further prevent the “Domain not found” error when changing passwords
– Certificate expiration computed better, and won’t crash on an already expired cert
– Automatically getting certs won’t cause a massive amount of certs to be generated
– Certificate cleaning will only happen if asked
– User password in the keychain will be looked for in many ways to ensure that the user name case isn’t an issue
– better defaults printing in the logs with -prefs
– fix for Sign In Window title not showing correctly when forced
– better handling of when all DCs in a site go down
– action menu fixes to correct actionTrue and to allow for cutom titles and red/yellow/green icons
– ability to get custom list of attributes from AD
– better handling of shares in the Shares Menu when switching users
nomad://getuser will put entire AD user record into the logs
– AppleScript Support
– Option to always make the current local user the primary Kerberos ticket
– Minor update to German localization
– Option to auto-mount shares via the Finder
– Write out current domain controller to NoMAD preferences

NoMAD 1.1.3 released!

This started off as a smaller update, then got bigger…

Some cool new features, a few bug fixes, and then a big new feature that we know will evolve some over time. In addition, NoMAD is now all in Swift 4 and all the warnings in Xcode are gone. You can thank Josh for that work.

Bug Fixes

  • Fewer password prompts when updating keychain items. In fact… you should have no password prompts.
  • We dug deep into Kerberos and should have squashed the annoying “Domain not set” issue when attempting to change your password through NoMAD for the first time.
  • Recursive group search works with “,” in user names.
  • Allow for both and expired AD password and a non-matching local password at the same time.
  • Better handling of the current date when looking for UPC alerts. This should minimize erroneous UPC Alerts.
  • Better handling of when your SSL Cert template doesn’t actually exist on the Windows CA.


  • Match any keychain item account for updates with <<ANY>>.
  • When using UPCAlerts and a URL for the password change type, NoMAD will check for new passwords every 30 seconds for 15 minutes to catch the new password change even faster.
  • The Sign In window is now unable to be closed if SignInAlert is set and the user has not signed in at least once.
  • The current AD site being used is written out to the preference file.
  • Known bad domain controllers can be blocked by listing them as an array of FQDNs in LDAPServerListDeny.
  • A new pref key, DontShowWelcomeDefaultOff will pre-tick the “Don’t show again” box on the welcome screen so users won’t have to do it themselves when it first appears.
  • UseKeychainPrompt will now show the Sign In window whenever the user does not have a password in the keychain, even if the user has signed in before.
  • Certs pulled via NoMAD can have airport and eapolclient added to them with the use of the AllowEAPOL key.

Actions Menu

We thought this would take us a bit longer… but NoMAD now includes a full actions menu which can hold as many “actions” as you’d like. Each action is a customized menu item that can have scripts and other built in actions behind it. Each item can have multiple actions chained together plus the ability to show or hide the item and even put red/yellow/green dots next to the items.

This is a fairly robust way of putting as many custom menu items as you’d like into a submenu in NoMAD.

You can read all about it here

NoMAD 1.1.2 Released

This is a minor update to NoMAD mainly to correct some issues with certificate retrieval.

Updates in this release:

  • fix for pulling certs too often when GetCertAutomatically is set
  • fix for LDAPServerList not working
  • remove build numbers from UI since builds are now in version number

If you are not using LDAPServerList or GetCertAutomatically there is not much need to update.