+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 23
Mac Thread, Mac Server and Windows Active Directory in Technical; Hi everyone i have recently started using macs and i have just added my mac server to my windows active ...
  1. #1
    Aaron's Avatar
    Join Date
    Feb 2009
    Location
    N.Ireland
    Posts
    251
    Thank Post
    78
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    Mac Server and Windows Active Directory

    Hi everyone

    i have recently started using macs and i have just added my mac server to my windows active directory so that we can use single sign on but what i was wanting to know it keeps trying to pull the Documents folder down but because it is called My Documents it doesnt work is it possible to even seperate the accounts so that when they log onto mac it pulls the documents folder from the mac server instead of the windows server?

  2. #2
    Aaron's Avatar
    Join Date
    Feb 2009
    Location
    N.Ireland
    Posts
    251
    Thank Post
    78
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    does anyone know why the mac clients would not be pulling down the policys from the mac server they log in through AD with no problems but dont seem to pull down any policy changes which i do on the mac server?

  3. #3

    Join Date
    Feb 2007
    Location
    Kent
    Posts
    634
    Thank Post
    271
    Thanked 51 Times in 43 Posts
    Rep Power
    40
    have you added the users/computers in WGM?

  4. #4
    Aaron's Avatar
    Join Date
    Feb 2009
    Location
    N.Ireland
    Posts
    251
    Thank Post
    78
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    in WGM it is looking at the local side on the mac so i changed this to look through AD and then added a mac suite and the test Imac into that suite but again when i go back into local it doesnt appear. this is only available if using WGM i am searching through AD

  5. #5
    Aaron's Avatar
    Join Date
    Feb 2009
    Location
    N.Ireland
    Posts
    251
    Thank Post
    78
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    I was able to select the AD and see the test Imac here but i cant create groups it errors out when i try

  6. #6
    dayzd's Avatar
    Join Date
    Nov 2009
    Location
    In front of computer
    Posts
    405
    Thank Post
    75
    Thanked 59 Times in 48 Posts
    Rep Power
    24
    To edit machine settings, you need to be working in the XServe's Open Directory - AD doesn't support MCX (Managed Client for OS X - the records used to control Mac clients).

    In your XServe's directory (it should be the local one), make a machine group. You should then be able to add your AD computers as members of this computer group (assuming your XServe is bound properly to your AD, and your AD is properly set in your XServe's search path - check with "Directory Utility.app" in /System/Library/CoreServices).

    Once your AD records for your Macs are members of the group you made, you can set the policies you want via the machine group with WGM.

    [ N.B. Your iMac's need to be bound to both your AD and your XServe's OpenDirectory for this to work. ]

  7. #7
    Aaron's Avatar
    Join Date
    Feb 2009
    Location
    N.Ireland
    Posts
    251
    Thank Post
    78
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    its very strange can anyone help with this, i have got the Mac server linked with active directory on my windows side and the Mac clients are allowing legacy users to log in using single sign on which is great but now the Mac server is really doing nothing because none of the changes i make for the Mac Clients are working. I have been using Work group Manager but it doesnt see any computers unless i select active directory and then when i do select this i cant create groups or make changes to individual computer policies for MAC.

    I am not worried about the legacy equipment everuthing is working fine they are pulling policies and gpo through the windows server but all i wanted to do was allow any user to sign onto the mac clients but have the mac server sort everything else out for Mac's is this possible?

  8. #8
    stevehp's Avatar
    Join Date
    Jul 2008
    Location
    Ohio
    Posts
    102
    Thank Post
    13
    Thanked 19 Times in 16 Posts
    Rep Power
    16
    You need to create the groups using open directory in workgroup manager. The group will appear in the left hand column and in the right hand side of the application you will have two-three tabs: basic, members and if enabled, inspector. Click members then click on the plus sign and a tray will slide out. At the very top of that tray you'll see Directory: /LDAPv3/127.0.0.1 click the downward facing chevron next to the globe and select your active directory domain and add your computers that way.

    Ideally you should use a magic triangle configuration which means the Mac server is bound to AD, but is also an open directory master. Then bound the clients to both AD and OD that way they login with an AD account and get network documents, but they also get managed policies from your XServe. Computer accounts will be created in both AD and OD for this to work.

  9. #9
    Aaron's Avatar
    Join Date
    Feb 2009
    Location
    N.Ireland
    Posts
    251
    Thank Post
    78
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Thanks guys i will give both your suggestions a try here now and ill let you know how i get on

  10. #10
    Aaron's Avatar
    Join Date
    Feb 2009
    Location
    N.Ireland
    Posts
    251
    Thank Post
    78
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    unfortuneatley that doesnt seem to have worked it looks like the imac is actually getting its policies from the windows side and isnt regestering anything on the mac side is there some step that ive maybe gone wrong with the server doesnt seem to see any connections on the server at the moment.

  11. #11
    stevehp's Avatar
    Join Date
    Jul 2008
    Location
    Ohio
    Posts
    102
    Thank Post
    13
    Thanked 19 Times in 16 Posts
    Rep Power
    16
    You will have to bind the client to the open directory on the mac server for machine policies to be pushed down. Your clients are probably currently bound to only AD thus they have no reason to grab the policies being pushed down from the server. The only way for your current setup to work is to edit the individual policies on locally each of your mac clients. Binding the clients to your mac server is much easier though. Just make sure your Mac server is setup correctly and that your DNS servers are in good condition.

  12. Thanks to stevehp from:

    Aaron (27th July 2011)

  13. #12
    Aaron's Avatar
    Join Date
    Feb 2009
    Location
    N.Ireland
    Posts
    251
    Thank Post
    78
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    thanks stevehp the clients are bound to AD it was one of the steps i went through so i just unbind them from AD and then bind them to the mac server instead?

  14. #13
    Aaron's Avatar
    Join Date
    Feb 2009
    Location
    N.Ireland
    Posts
    251
    Thank Post
    78
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    If i unbind the clients does this stop users from authenticating to them or does the mac server still allow this to happen so that i am still able to use single sign on?

  15. #14
    stevehp's Avatar
    Join Date
    Jul 2008
    Location
    Ohio
    Posts
    102
    Thank Post
    13
    Thanked 19 Times in 16 Posts
    Rep Power
    16
    No, the mac clients would be bound to both AD and OD. AD would still provide your authenication services, but now with the client bound to OD it can receive machine policies.

  16. #15
    Aaron's Avatar
    Join Date
    Feb 2009
    Location
    N.Ireland
    Posts
    251
    Thank Post
    78
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    ah right sorry so just make sure that the clients are bound to both no problem

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. server 2003 corrupt Active Directory Database problem
    By Mark_D in forum Windows Server 2000/2003
    Replies: 1
    Last Post: 12th June 2011, 12:51 PM
  2. Help with Mac's and Windows
    By wellscs in forum Mac
    Replies: 1
    Last Post: 21st June 2010, 09:19 AM
  3. Active Directory Backup and Restore in Windows Server 2008
    By cookie_monster in forum Windows Server 2008
    Replies: 0
    Last Post: 1st August 2009, 01:48 PM
  4. MAC OS Server and Active Directory
    By steveo2000 in forum Mac
    Replies: 1
    Last Post: 7th April 2009, 02:40 PM
  5. Moodle LDAP and Windows Active Dir
    By painejake in forum Virtual Learning Platforms
    Replies: 3
    Last Post: 6th March 2009, 12:38 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •