I realize that the Mac's in our OOB VGW environment can't do SSO like the Window's machines. Since I don't want to get into the business of managing a lot of userid's and passwords I've been trying to come up with alternatives.
The first one that comes to mind is a "group" ID and password in the local DB that the Mac users can use. Simple but from a security standpoint not a good idea.
The second thought is to create a second authentication server where Mac users could point to when the login screen pops up.
Are there any caveats to using the second auth server? Is there any chance it cold cause problems with SSO?
You can use either a MAC user page, or just set LDAP on your default page. This way if any of your Windows machine fails authentication too for any reason, they will have the option to use LDAP to log in. Either should work just fine.
Same username for LDAP setup would work fine too.