+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 17
Mac Thread, Mac suite in a Windows domain in Technical; We've currently got one suite of 20 Macs running as standalone machines (with Internet access and login to Windows school ...
  1. #1
    u8dmtm's Avatar
    Join Date
    Feb 2006
    Posts
    231
    Thank Post
    7
    Thanked 13 Times in 12 Posts
    Rep Power
    20

    Mac suite in a Windows domain

    We've currently got one suite of 20 Macs running as standalone machines (with Internet access and login to Windows school network work areas via small program after login as generic 'User').

    To make things a bit easier and more integrated we want to make the Macs more integrated with the Windows domain. We've tried AdmitMac and also used instructions on web for making machine domain member - which is fine. But we also want to control the machines more centrally.

    I've never used OS X Server but am thinking of getting it to run these machines.

    What would be the best format to do this so that students log in with their Windows credentials and get a link to their windows network file store, no access to saving to the HDD and I get to lock down the OS X desktop as I would be able to with a local User, and ideally centrally.

  2. #2


    Join Date
    Jan 2006
    Posts
    8,202
    Thank Post
    442
    Thanked 1,032 Times in 812 Posts
    Rep Power
    339

    Re: Mac suite in a Windows domain

    OSX has samba installed so the macs can join a windows domain.
    http://www.apple.com/itpro/articles/adintegration/
    The windows shared home drive will automatically be accessible.

    Not sure abuot locking down the Desktop as I've not done this.
    does anyone know if unix clients will try and process a login script that has been specified in AD? if they can then you could rewrite the script in perl/python so all clients can use it.

  3. #3

    plexer's Avatar
    Join Date
    Dec 2005
    Location
    Norfolk
    Posts
    13,341
    Thank Post
    624
    Thanked 1,584 Times in 1,421 Posts
    Rep Power
    414

    Re: Mac suite in a Windows domain

    Macs can access windows file servers even windows 2003 one using the microsoft provided login client.

    As long as you have the relevant macshare setup they can use the client to log on to your windows server and access their files etc... without you needing to add anything else.

    You don't say what sort or macs you have or what os they are running but I've been doing this with 9.2 clients.

    For the security side of things I've been using a product that I can remember the name of but I basically set one imac up then imaged it to a network share using the mac tools then this was copied over the network to the others.

    I've just sold 24 indigo imacs as I don't want the hassle of supporting the 2 different platforms and we aren't big mac users. Still got a few more to get rid of and they will be going as soon as I can make it happen.

    Ben

  4. #4

    Join Date
    Feb 2006
    Posts
    1,187
    Thank Post
    0
    Thanked 1 Time in 1 Post
    Rep Power
    0

    Re: Mac suite in a Windows domain

    Quote Originally Posted by plexer
    I've just sold 24 indigo imacs as I don't want the hassle of supporting the 2 different platforms and we aren't big mac users. Still got a few more to get rid of and they will be going as soon as I can make it happen.

    Ben
    :idea: Please do not adjust your set. Plexer did actually write that.

  5. #5

    GrumbleDook's Avatar
    Join Date
    Jul 2005
    Location
    Gosport, Hampshire
    Posts
    9,930
    Thank Post
    1,337
    Thanked 1,781 Times in 1,105 Posts
    Blog Entries
    19
    Rep Power
    594

    Re: Mac suite in a Windows domain

    Quote Originally Posted by NetworkGeezer
    Quote Originally Posted by plexer
    I've just sold 24 indigo imacs as I don't want the hassle of supporting the 2 different platforms and we aren't big mac users. Still got a few more to get rid of and they will be going as soon as I can make it happen.

    Ben
    :idea: Please do not adjust your set. Plexer did actually write that.
    *sob*

    I hope you are replacing them with Mac Minis booted into XP. Then you can atleast give them the choice.

  6. #6

    GrumbleDook's Avatar
    Join Date
    Jul 2005
    Location
    Gosport, Hampshire
    Posts
    9,930
    Thank Post
    1,337
    Thanked 1,781 Times in 1,105 Posts
    Blog Entries
    19
    Rep Power
    594

    Re: Mac suite in a Windows domain

    Back to the original question.

    You have a few choices with the integration.

    First, as long as you are running 10.3 (preferably 10.4) then you can bind the computers to the Active Directory. Cybernerd's link can give you info on this.

    To lock the machines down then you can either use login hooks (Mike Bombich's site is good for this) or pick up a Mac Mini to run OSX Server on (10 client version is all you need really). This gets a bit more complicated and depending on how confident you are I would recommend you talk to a local Apple Solutions Expert about your requirements. Most are interested in getting you using Macs and so they are unlikely to do a hard sell.

    There is the option of 3rd party software ... ADmitMac is ok for the occasional staff machine but I would recommend MadAdministrator from Hi-Resolution as the best method (also has a number of other features including print accounting, deployment of software ....)

    www.macenterprise.org is the best place for anything MacLab based nowadays, but Apple have started the macosx-interop mailing list for discussion of interoperability of Macs.

    HTH

  7. #7

    plexer's Avatar
    Join Date
    Dec 2005
    Location
    Norfolk
    Posts
    13,341
    Thank Post
    624
    Thanked 1,584 Times in 1,421 Posts
    Rep Power
    414

    Re: Mac suite in a Windows domain

    afraid we are pc and windows only and will be staying that way. It's taken me over 2 years to final get rid of these and now I beieve the only macs I have that's actually plugged in and working are a couple in our inclusion centre which will be replaced when they move into our new building in a few weeks time and one of those flat screen adjustable lamp looking ones on a deputies desk.

    Still got a few 350mhz blueberries if anyone wants them cheap? £25'ish each plus delivery.

    Ben

  8. #8

    Join Date
    Dec 2005
    Location
    Midlands
    Posts
    130
    Thank Post
    2
    Thanked 12 Times in 12 Posts
    Rep Power
    20

    Re: Mac suite in a Windows domain

    here we have started going the other way, with the addition of media this year and art wanting some, i think we now have 8 in total, i really must get round to getting them to authenticate properly because at the moment they are just standalones with internet access, anyone know any good guides because when i last used them they were running system 8/9 talking (ish) to a windows 2000 server but ours dont seem to like 2003 for some reason

  9. #9

    GrumbleDook's Avatar
    Join Date
    Jul 2005
    Location
    Gosport, Hampshire
    Posts
    9,930
    Thank Post
    1,337
    Thanked 1,781 Times in 1,105 Posts
    Blog Entries
    19
    Rep Power
    594

    Re: Mac suite in a Windows domain

    If you and your guvnor fancy a trip then pop over to Corby ... you have a range of schools that use Macs over here.

    Kingswood, Lodge Park and Brooke Weston all have Mac Setups of various types.

  10. #10

    broc's Avatar
    Join Date
    Jan 2006
    Location
    England
    Posts
    2,046
    Thank Post
    104
    Thanked 401 Times in 265 Posts
    Rep Power
    150

    Re: Mac suite in a Windows domain

    I could do with some wise words please!

    Our main school network is based upon Server 2003 and XP clients. We also have a suite of 10 stand alone MAC G4s (OS X 10.3) used for video editing and music composition. Students work is stored on the local system drive or an external firewire drive with pretty poor levels of security.

    These G4 systems are connected to the school network for Internet access but at present students cannot access their Windows home directory. They are in a seperate building connected to the main school network via fibre but for reasons best known to the people that installed the link this is only running at 100mbit! ( Cheap low speed media converter installed)

    I have been asked to look at integrating the MACs into the main school network so that students can authenticate using their same logon id/passwords and store their data on the main Server 2003 fileserver.

    We have limited MAC skills in school, and I don't believe my LEA will be able to offer any serious advice/support in this task.

    Some obvious and fairly naive questions spring to mind:

    1) Is it possible, I believe from the limited research I have done the answer is yes.
    2) assuming it is possible, should I do it, or should I be looking at installing a MAC server? What are the advantages/disadvantages of MAC server vs Windows Server in this situation?
    3) If I network the MACs to a MAC server, can I then integrate the MAC server into AD for authentication?
    3) Should I allow multimedia files to 'mingle' with the normal student and staff data, or should I be looking at a seperate file server/NAS device for multimedia?
    4) I am familiar with locking down XP clients and GPO, can I do the same with MACs? Will a MAC networked to a MAC server be more/less secure than being networked to Server 2003?

    If we decide to proceed down this route, believe I should budget to include some support and consultancy, any ideas what the going rate is for MAC consultancy?

    All comments and pearls of wisdom gratefully received.

  11. #11

    Join Date
    Oct 2005
    Location
    hey hey hey, stay outta my shed. STAY OUT OF MY SHED.
    Posts
    1,011
    Thank Post
    238
    Thanked 190 Times in 146 Posts
    Rep Power
    106

    Re: Mac suite in a Windows domain

    Broc,

    You probably want to go to my website and start reading all the blog posts titled "Basics of integrating modern Macs onto a Windows network"

    http://robertmoir.com/tags/Computers...px?PageIndex=2

    there are quite a lot of posts on the subject and they will take you through general discussions of the concepts involved up to an actual howto / FAQ on what buttons to press to actually join a mac to your windows domain.

    Regards
    Rob

  12. #12

    Ric_'s Avatar
    Join Date
    Jun 2005
    Location
    London
    Posts
    7,590
    Thank Post
    109
    Thanked 762 Times in 593 Posts
    Rep Power
    180

    Re: Mac suite in a Windows domain

    @broc: Just a quick note on how I intend to do this. I am about to add 11 iMacs in the Music dept to the network.

    * The users will logon using their AD credentials (full details on the Apple site on how to do this)
    * A Mac server will be used to lock down the Macs (I have a dual G4 running OS X Server 10.4 for this)
    * The users will receive a shortcut to their Windows home directory automagically - the Mac authentication does this for you
    * By default all work will be saved to the local hard disk - editting music/video over the network is a BAD idea unless you have vast quantities of bandwidth

    I will also use Retrospect to back up the work stored on the Mac clients every night - my 'Multi Server' license allows for unlimited clients and there is a remote agent

    I highly recommend reading the documents at http://www.apple.com/itpro/articles/adintegration/

  13. #13

    Join Date
    Dec 2008
    Location
    Devon
    Posts
    10
    Thank Post
    0
    Thanked 2 Times in 2 Posts
    Rep Power
    12
    I have found after quite sometime of hassling over trying to get macs to properly bind into AD (which worked in the end) that osx server is the way to go and we are getting it quite soon. I think anyone who wants to be running macs in a big network should look at getting it, even though it it pricey it offers huge advantages and i am definately looking forward to finally having our mac suite working the way it should.

  14. #14

    Join Date
    Nov 2008
    Location
    slough
    Posts
    35
    Thank Post
    5
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    hi

    iv been asked today to investigate whether it is possible to have a Mac suit that authenticates with our AD or do we need to have a separate Mac network.

    From what i have read it is possible, but the macs wont map shared drives, only home areas?

    Can i plug in a Mac to our network and log on using the windows credentials or as i suspect will i need to do more to the Mac?

    ahh this is such a mind field to me.

    pete

  15. #15

    Join Date
    Dec 2008
    Location
    Devon
    Posts
    10
    Thank Post
    0
    Thanked 2 Times in 2 Posts
    Rep Power
    12

    Yes

    it is possible yes, but it will not allow you to put restrictions on the mac such as only letting certain people do certain things, but it can be integrated.. Although not without a few sleepless nights as it didnt go hugely smooth when we did it. We have server now but to the best of my knowledge when we didnt we were able to sign in with user credentials from our windows server and then the drives set up to mount as their area...

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. Ubuntu On Windows Domain
    By FN-GM in forum Windows
    Replies: 5
    Last Post: 27th July 2007, 01:11 AM
  2. Dansguardian on windows 2003 domain
    By netadmin in forum *nix
    Replies: 68
    Last Post: 12th July 2007, 08:18 AM
  3. New Mac and A Windows Domain
    By Grommit in forum Mac
    Replies: 3
    Last Post: 9th March 2007, 07:43 PM
  4. Mac on a Windows (well urmm 'ish) domain
    By linuxgirlie in forum Mac
    Replies: 8
    Last Post: 15th January 2007, 01:01 PM
  5. Mac on a windows domain.
    By apeo in forum Mac
    Replies: 3
    Last Post: 26th January 2006, 09:30 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •