Client Setup: Mac OS X (No longer supported) - indiana-university/kumo GitHub Wiki

Sections

Installation
Client Configuration
OS Configuration

Installation

Requirements

• Mac OS 10.9+
• OSXFUSE 2.8.2
• The workstation must be actively joined to your domain and have a valid Kerberos ticket-granting ticket (TGT) on login.

Installation Notes

OSXFUSE is a virtual file system driver for Mac OS X.

Top

Configuration

Client Configuration

The Kumo Client executable has a settings file that can be customized to fit your environment. This file is located at /usr/local/libexec/Kumo.app/Contents/Resources/Settings.json. The available customizations are listed here.

promptForProfile

Default value: true

If the user does not have a Kumo profile, prompt them to create one. If they accept (by clicking Setup) they will be taken to the Kumo portal. The user can also dismiss the prompt (by clicking Not now) and optionally elect to not be prompted in the future (see 'allowIgnoreProfilePrompt' setting below.)

profilePromptText

Default value: Would you like to configure secure access to your cloud and local files?

The message to show users when prompting them to create a profile.

allowIgnoreProfilePrompt

Default value: true

Allow users to choose to never again be prompted to create a storage profile again.

Top

OS Configuration

In order to function properly, Kumo requires that each user have a valid Kerberos ticket-granting ticket (TGT) upon login. If your institution has an Active Directory or LDAP server you must join the Mac to the domain to that server. Alternatively if you have a standalone Kerberos Key Distribution Center (KDC) without a central directory you must modify the system configuration.

Note: A valid Kerberos ticket might not be issued upon login if using an 802.1x Login Window profile and FileVault 2. See Apple Support article HT200093 for more information.

Acquiring a Kerberos TGT from the Domain

In order to function properly, Kumo requires that each user have a valid Kerberos ticket-granting ticket (TGT) upon login. Assuming you have a property configured Active Directory or LDAP server, you'll need to join the Mac to your server:

1. Choose Apple menu > System Preferences, then click Users & Groups.
2. Click Login Options.
3. Click the lock icon 🔒 to unlock it, then enter an administrator name and password.
4. Click the button next to Network Account Server.

• The button is labeled Join if you haven’t already connected to a network account server.
• The button is labeled Edit you already have an existing connection. Click the Add button ＋.

1. Enter the fully qualified domain name of a network account server in the Server field, or choose one from the Server list.
2. To add another server connection, click the Add button ＋, then repeat step 6.
3. Click OK.

If your computer name contains a hyphen (-), you might not be able to join a network account server. To check your computer name, and change it if necessary, use Sharing preferences ( Apple menu > System Preferences, then click Sharing).

Top