Keychain Usage


defaults write com.trusourcelabs.NoMAD UseKeychain true

Keychain syncing allows NoMAD to store your password in the user’s keychain to use for signing into your network account.

After setting this preference, the user needs to Sign In via NoMAD once. This creates a new keychain entry in the users’s default Keychain. The entry will have “NoMAD” as the name and the user’s full Kerberos principal, e.g. joel@COMPANY.COM, as the account name. The Keychain item will be configured to only allow NoMAD access to the entry. Note that you’ll need to have the NoMAD binary signed by a valid signing identity for this. The publicly available binary is signed.

Once the keychain entry is created, NoMAD will attempt to sign in on launch using the stored password. If NoMAD can’t sign in at that time, the user will be able to use the Sign In menu item, where NoMAD will attempt to sign in again using the stored password.

To remove the stored password and allow for another account to log in, use the Log Out menu item. This removes the Keychain item and allow the Sign In Dialog to present itself.