Active Directory Authentication With OSX

From Wiki

Revision as of 01:39, 23 June 2008 by SYNACK (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to:navigation, search

How to join Apple OS X to Active directory The following information you will require to be able to authenticate into Active Directory.

Active Directory Domain name Domain admin User Name and Account

First you will need to run a application called Directory Access. You can find this application in /Applications/Utilities

You may need to unlock the padlock in order to be able to do anything in this application.

Once you are in Directory Access you will then need to enable the Active Directory plug in by clicking enable. When enabled you can then start to configure the plugin.

Once in the configuration pane you then need to type in your active directory domain. So for example I could type in "". You will then need to type in a computer ID. If you have named your computer correctly it should pick the computer name from there. After all above all you need to do now is click bind. You will then be asked to put in your username and password. If you put in your Domain Admin username it will start to bind to the Active Directory Server. I suggest if you are planning on using Bootcamp on the domain i would suggest you use different computer names for either operating system. Otherwise the trust for each OS will be different and you will find yourself binding to the domain everytime you change operating system.

Now you are binded to Active Directory you will need to set a authentication search path. This tells OS X to search active directory for a login account. So if you click Authentication tab and click add you will see /Active Directory/All Domains. if you add that and then apply you should now be able to log in.

If you go back to the configure pane on Active Directory in Directory Access you can set the home drive to either be a local home drive in /Users or you can set it to use the Home Drive of Active Directory. But in order to do this you need to make sure the user accounts can read folders before there home drive. make sure its not inherited to every folder only to the previous folder.

Many thanks to Ross2K5 for the article.