How to install mac login


Pre-Installation settings

Mac Login Service has the ability to log location information.
To enable this feature, please make sure that the following location services are enabled.

1. System Preferences > Security and Privacy > Privacy > Location Services
 Make sure “Enable Location Based Services” is checked.


If “Enable Location Based Services” is checked, please proceed to the installation procedure.
If “Enable Location Based Services” is not checked, please do the following

2. Click on the “key” icon in the lower left corner and enter your “user name” and “password”.
 Click “Unlock” to continue.
3. Check the “Enable Location Based Services” checkbox.
4. Click on the “key” icon, then click on the “Close” button in the upper left corner.

This is all that is required before installation.


Install

  1. Insert the YubiKey into the USB port.
    Be sure to insert YubiKey because it is included to detect and work with YubiKey at the completion of installation.

  2. Run the downloaded installer.

    If the message ““YubiOnPortalClient.pkg” is an application downloaded from the Internet. Are you sure you want to open it?” is displayed, click “Open”.

    If it does not open, click “YubiOnPortalClient.pkg” while holding down the Control button and click “Open”.

  3. Click “Continue.”

  4. Read “Important Information” and click “Continue.”

  5. Read the “License Agreement” and click “Continue”.

  6. Click “I agree.”

  7. Click “Install.”

  8. Read the instructions and click “Continue Installation”.

  9. Administrative privileges on the macOS device are required.
    Enter your “User Name” and “Password” and click “Install Software”.

    After the installation is complete, several pop-ups will appear in addition to the installation complete screen.

  10. Click “Close.”

If the message “Do you want to put the “YubiOn Portal Client” installer in the Trash?” If the message “Do you want to put the installer of “YubiOn Portal Client” in the Trash?


Location and Notification settings

  1. Click “OK” when a pop-up window appears to allow the use of location information.

  1. Open System Preferences > Security and Privacy > Privacy > Location Services.
    If “PortalPreloginAgent” is checked, the setting is complete.

    If you do not see the above pop-up, such as during reinstallation, check the “PortalPreloginAgent” checkbox after reboot.

  2. Click “Allow” when the notification permission pop-up appears.

  3. Open System Preferences > Notifications > PortalPreloginAgent and if it is set as follows, you are done.

    • Allow notification from PortalPreloginAgent” is enabled
    • Show notification preview” is checked and “Always” is selected.
      ※For Big Sur and Monterey, “Always” is selected under “Show Preview

    If you do not see the above pop-up, for example when reinstalling, please go to System Preferences > Notifications and configure your settings.


Security and Privacy settings

Security and privacy settings are required for each operating system to use the Mac login service.
Please see below for information on security and privacy settings.


Security and Privacy setting items

The following settings are required for security and privacy

  • Location-based services
    Already set up in Location and Notification settings.
  • Input monitoring
    Added “DeviceLocker” and “YubiOnPortalLoginHelper.
  • Full disk access
    Added “PortalPreloginAgent” and “YubiOnPortalLoginHelper”.

A confirmation pop-up for the keystroke will appear.

  1. If it does not appear, open the System Preferences screen and continue with the settings.

    DeviceLocker” will be added to the input monitoring.

    If you do not see the above pop-up, such as during reinstallation, go to System Preferences > Security and Privacy > Input Monitoring.

  2. To change settings, click the “key” icon in the lower left corner of the screen.
    Enter your “User Name” and “Password” and click “Unlock” when prompted for administrative privileges.


Input monitoring settings

  1. Click on “Input Monitoring,” then click on “+.”

  2. Select “Macintosh HD.”

  3. Click on Library > PrivilegedHelperTools > YubiOnPortalLoginHelper and click “Open”.

  4. 「Check the box to the left of “DeviceLocker.
    If “DeviceLocker” is not listed, click the “+” button and add “DeviceLocker” from “Applications”.
    When a confirmation message is displayed, click “Do Later.


Full disk access settings

  1. Click on “Full Disk Access.”

  2. Check the checkbox on the left side of “YubiOnPortalLoginHelper”.

  3. Check the box to the left of “PortalPreloginAgent.

  4. If “YubiOnPortalLoginHelper” and “PortalPreloginAgent” are not in the table, click the “+” button and add them from the following location.
    Select “Macintosh HD

  5. Click on Library > PrivilegedHelperTools > YubiOnPortalLoginHelper and click “Open”.

  6. When a confirmation message appears, click “Do it later.

  7. After setting the above, check the “Do not display in the future” checkbox and click the “Close” button.


Reflection of settings

  1. Click on the “key” icon in the lower left corner, then click on the “Close” button in the upper left corner.

  2. Restart the terminal.

    The settings will not be reflected unless the system is rebooted.Be sure to reboot.
    When rebooting, it works fine even if YubiKey is plugged into the device.

    After rebooting, please log in to the terminal.
    *Setting is not complete at this stage. To set up login using YubiKey, you need to configure the client tool.

That’s it for the Mac login installation.
To enable two-factor authentication for a device, you will need to operate the configuration tool.