Configuring Active Directory Binding for OS X (10.4.x) within Miami Dade Schools



Similar documents
6) Click the lock in the lower left corner of the Directory Utility Window and authenticate with the local administrator account s credentials.

Creating Home Directories for Windows and Macintosh Computers

Enterprise Apple Xserve Wiki and Blog using Active Directory. Table Of Contents. Prerequisites 1. Introduction 1

Instructions for Adding a MacOS 10.4.x Server to ASURITE for File Sharing. Installation Section

Configuring the Active Directory Plug-in

Tool Tip. SyAM Management Utilities and Non-Admin Domain Users

How To Set Up A Macintosh With A Cds And Cds On A Pc Or Macbook With A Domain Name On A Macbook (For A Pc) For A Domain Account (For An Ipad) For Free

Integrating Mac OS X 10.6 with Active Directory. 1 April 2010

Sentral servers provide a wide range of services to school networks.

Using SSH Secure Shell Client for FTP

Professional Mailbox Software Setup Guide

The ECU Wireless system uses a captive portal authentication system. There are three steps to configure your computer for wireless access:

Wazza s QuickStart 17. Leopard Server - Blogs & Wikis

Hallpass Instructions for Connecting to Mac with a Mac

Installing Microsoft Outlook on a Macintosh. This document explains how to download, install and configure Microsoft Outlook on a Macintosh.

Accessing the Tufts Network with a Mac School of Arts, Sciences, and Engineering

Instructions for Adding a MacOS 10.4.x Client to ASURITE

Apple Mail Setup Guide (POP3)

Windows Clients and GoPrint Print Queues

Professional Mailbox Software Setup Guide

Connecting to the ITS Modem Pool For the Macintosh Teresa Sakata

IIS, FTP Server and Windows

Centralized Mac Home Directories On Windows Servers: Using Windows To Serve The Mac

NetIQ Advanced Authentication Framework - MacOS Client

Active Directory Integration for Greentree

Other documents in this series are available at: servernotes.wazmac.com

Start Here. Installation Guide. Rosetta Stone Standalone License. This Guide Will Show You How To: Install the Student Management System...

Home and Shared Folders on Mac OS X Accessing Home and Shared Folders on Active Directory File Servers Using Mac OS X


Sharing files on Windows XP with Mac OS X clients

Mac OS X Secure Wireless Setup Guide

Administering FileVault 2 on OS X Lion with the Casper Suite. Technical Paper July 2012

License Patrol TM Mac Client Installation Guide 7.0 for Mac OS X. September 2015 VERALAB TM

Installation Guidelines (MySQL database & Archivists Toolkit client)

STATISTICA VERSION 9 STATISTICA ENTERPRISE INSTALLATION INSTRUCTIONS FOR USE WITH TERMINAL SERVER

General Computing Network (GCN) Guide for Mac OS X

1. Set Daylight Savings Time Create Migrator Account Assign Migrator Account to Administrator group... 4

Connecting to Delta College Exchange services off-campus

Active Directory integration with CloudByte ElastiStor

VIVIDESK Desktops can be accessed with a Macintosh Computer by one of two methods:

Snow Active Directory Discovery

Binding an OS X computer to Active Directory at NEIU (Existing User)

How to install and use the File Sharing Outlook Plugin

Mapping ITS s File Server Folder to Mosaic Windows to Publish a Website

Setting Up Scan to SMB on TaskALFA series MFP s.

Installation Guide. Research Computing Team V1.9 RESTRICTED

CONNECT-TO-CHOP USER GUIDE

Wazza s QuickStart 1. Leopard Server - Install & Configure DNS

STATISTICA VERSION 12 STATISTICA ENTERPRISE SMALL BUSINESS INSTALLATION INSTRUCTIONS

Setting up Sharp MX-Color Imagers for Inbound Fax Routing to or Network Folder

Mac OS VPN Set Up Guide

How to use edgebox as a PDC and to Share Files

Step-by-Step Setup Guide Wireless File Transmitter FTP Mode

1. Open Thunderbird. If the Import Wizard window opens, select Don t import anything and click Next and go to step 3.

Dial Up Config & Connecting Instructions with Graphics

Wazza s QuickStart 13. Leopard Server - Windows Domain

Wazza s QuickStart 10. Leopard Server - Managing Preferences

NAS 109 Using NAS with Linux

Installation and User Guide. MQLink Version 3.0 (Java)

SQL Server 2008 R2 Express Edition Installation Guide

Installation Instruction STATISTICA Enterprise Small Business

Secure Outgoing Mail (SMTP) Setup Guide

Installing the Microsoft Network Driver Interface

Sophos Endpoint Security and Control standalone startup guide

How To Manage Storage With Novell Storage Manager 3.X For Active Directory

Windows 7 Hula POS Server Installation Guide

Viking VPN Guide Mac OSX RDP Usage

Remote Access - Mac OS X

Deploying Windows Streaming Media Servers NLB Cluster and metasan

How to generate an APNs Certificate to use the Apple MDM protocol via the portal

HWS Virtual Private Network Configuration and Setup Mac OS X 12/19/2006

Instructions for using VPN and accessing your files remotely

SuperOffice AS. CRM Online. Installing the Citrix Online Web plug-in

User Guide for eduroam

PRODUCT WHITE PAPER LABEL ARCHIVE. Adding and Configuring Active Directory Users in LABEL ARCHIVE

Exchange 2013 mailbox setup guide

AppleShare Client User s Manual

Windows and MAC User Handbook Remote and Secure Connection Version /19/2013. User Handbook

QUANTIFY INSTALLATION GUIDE

Computer Science and Engineering MacOS Cisco VPN Client Installation and Setup Guide

Integrating LANGuardian with Active Directory

How To Upgrade Your Microsoft SQL Server for Accounting CS Version

Installing TestNav Mac with Apple Remote Desktop

Optional Mainserver Setup Instructions for OS X Support

Freshservice Discovery Probe User Guide

MAC OS X 10.5 Mail Setup

How do I Install and Use the Cisco VPN Any Connect Client for the Berkeley Campus?

NetBoot/SUS Appliance User Guide. Version 1.0

NS Financials. Client Platform Guide for Mac Using Safari Incl Citrix Setup As A Local Client

Joining my MAC laptop to the domain

Remote Access Password Tips

Scan to SMB(PC) Set up Guide

Secure Messaging Server Console... 2

Outlook Profile Setup Guide Exchange 2010 Quick Start and Detailed Instructions

Microsoft Entourage 2008 / Microsoft Exchange Server Installation and Configuration Instructions

How to Setup Scan to SMB to a Microsoft Vista Workstation Using a bizhub C451/ C550

1. Open the preferences screen by opening the Mail menu and selecting Preferences...

Transcription:

Configuring Active Directory Binding for OS X (10.4.x) within Miami Dade Schools 1) Login to the Mac OS X (10.4.x) workstation with a local administrative account. 2) Open (double-click) the hard drive icon that appears on the desktop: 3) Open (double-click) the Applications folder within the Macintosh HD window 4) Open (double-click) the Utilities folder within the Applications window: 5) Open (double-click) the Directory Access program within the Utilities window: 6) Click the lock icon in the lower left of the window to ʻunlockʼ the Directory Access window and enter the local administratorʼs credentials: Produced March 11, 2008 Page 1 of 8

7) Click the Enable checkbox next to Active Directory in the list within the Services section of the Directory Access window: 8) Click the Configure button at the bottom of the Services section of the Directory Access window: 9) In the slip that appears, enter ʻdadeschools.netʼ for the Domain and enter a computer ID that complies with the dadeschools.net naming standards (ie: Computer names start with site/location ID numbers. TIP: Avoid utilization of the ʻ-ʼ (hyphen) when naming your computer records as there are some underlying NetBios issues that can otherwise occur. 10) NOTE: DO NOT CLICK BIND YET, Instead, click the ʻdown arrowʼ to reveal Advanced options: Produced March 11, 2008 Page 2 of 8

11) User Experience: The user experience section defines how the workstation will behave when a user authenticates with their Active Directory credentials. Option A: Local Home Folders With local home folders, each Active Directory user who logs in has a home folder on the Mac OS X startup disk. In addition, the user's network home folder, if defined in Active Directory, is mounted as a network volume, like a share point. The user can copy files between this network volume and the local home folder. By default, binding to Active Directory will cause a local home directory to be placed into /Users on the workstation. This is done to provide storage for the user files, as the initial ʻpresumptionʼ is that there is no defined user home directory within the usersʼ record within Active Directory. Option B: Mobile Accounts You can start or stop using mobile Active Directory user accounts on a computer that is configured to use Directory Access's Active Directory plug-in. Users with mobile accounts can log in using their Active Directory credentials while the computer is not connected to the Active Directory server. The Active Directory plug-in caches credentials for a user's mobile account when the user logs in while the computer is connected to the Active Directory domain. To enable mobile accounts, click "Create mobile account at login" and optionally click "Require confirmation before creating a mobile account." If both options are selected, each user decides whether to create a mobile account during login. When a user logs in to Mac OS X using an Active Directory user account, the user sees a dialog with controls for creating a mobile account immediately or logging in as a network user. Produced March 11, 2008 Page 3 of 8

If the first option is selected and the second option is unselected, mobile accounts are created automatically when users log in. If the first option is unselected, the second option is disabled. Option C: Network Home Folder With network home folders, a user's Windows network home directory is mounted as the Mac OS X home folder when the user logs in. NOTE: This scenario requires a network home folder be defined in their user profile within Active Directory. To use Active Directory's standard attribute for the home folder location, select "Use UNC path from Active Directory to derive network home location" and choose the protocol for accessing the home folder. If your home folders are located on a Windows file server, choose "smb:" to use the standard Windows protocol, SMB/CIFS. If your home folders are located on a MacOS X file server, choose "afp:" to use the standard Macintosh protocol, AFP. 12) Leave Default User Shell checked ʻonʼ and set to /bin/bash 13) Mappings: On a computer that's configured to use Directory Access's Active Directory plug-in, you can specify an Active Directory attribute that you want mapped to Mac OS X's unique attributes. Usually the Active Directory schema must be extended to include an attribute that's suitable for mapping. As the Dadeschools.net domain schema has not been extended, the Mappings section of the Active Directory tools in Mac OS X should be left ʻunsetʼ as shown below: 14) Administrative: With the administrative options of the Active Directory settings, you may specify a preferred domain controller, what groups can administer the OS X Workstation, and allow cross domain authentication. Produced March 11, 2008 Page 4 of 8

Preferred domain controller: On a computer that's configured to use Directory Access's Active Directory plug-in, you can specify the DNS name of the server whose Active Directory domain you want the computer to access by default. If the server becomes unavailable in the future, the Active Directory plug-in automatically falls back to another nearby server in the forest. If this option is unselected, the Active Directory plug-in automatically determines the closest Active Directory domain in the forest. To enable this option, select "Prefer this domain server" and enter the DNS name of the Active Directory server. (ie: 1111dc1.dadeschools.net) Active Directory groups that can administer the OS X Workstation You can identify Active Directory group accounts whose members you want to have administrator privileges for the computer. Users that are members of these Active Directory group accounts can perform administrative tasks such as installing software on the Mac OS X computer that you are configuring. select "Allow administration by," then change the list of Active Directory groups accounts whose members you want to have administrator privileges. Add a group by clicking the Add button (+) and entering the Active Directory domain name, a backslash, and the group account name (for example, DADESCHOOLS\Domain Admins, DADESCHOOLS\Enterprise Admins, DADESCHOOLS\1111SiteAdmins). Remove a group by selecting it in the list and clicking the Remove button (-). Controlling authentication from all domains in the Active Directory forest If you select "Allow authentication from any domain in the forest," you can add the Active Directory forest to the computer's custom search policies for authentication and contacts. When adding to a custom search policy, the forest appears in the list of available directory domains as "/Active Directory/All Domains." (This is the default setting.) If you deselect "Allow authentication from any domain in the forest," you can add Active Directory domains individually to the computer's custom search policies for authentication and contacts. When adding to a custom search policy, each Active Directory domain appears separately in the list of available directory domains. 15) Click the BIND button in the middle of the Directory Access window: Produced March 11, 2008 Page 5 of 8

16) If prompted, enter the local administrative credentials for the OS X Workstation: 17) Enter the credentials of an Active Directory account with binding rights to the domain in the Username and Password fields provided. 18) In the Computer OU field, enter the proper ʻpathʼ to the appropriate container within the dadeschools.net Active Directory structure: In the sample screenshot above, this is: OU=1111,OU=Site Based Computer Accounts,DC=dadeschools,DC=net If youʼve created any sub-ous within your site, ie: Apple, then this entry would change slightly to: OU=Apple,OU=1111,OU=Site Based Computer Accounts,DC=dadeschools,DC=net 19) Click OK, and the Mac OS X workstation will proceed through 5 steps to bind to the Active Directory domain. 20) When complete, the Bind button will change state to UnBind 21) Click the OK button in the bottom right to return to the main Directory Access window view: Produced March 11, 2008 Page 6 of 8

22) Click the Authentication tab at the center top: Beneath /NetInfo/DefaultLocalNode should be Active Directory/All Domains in the list. This signifies that immediately after hunting the OS X local user database, the workstation will seek to authenticate against the Active Directory bindings just defined. 23) Click the Apply button in the bottom right of the Directory Access window to apply all your changes. 24) Exit/Quit the Directory Access program by choosing Quit Directory Access from the Directory Access menu in the upper menubar: Produced March 11, 2008 Page 7 of 8

25) Log out of the OS X Workstation to the login window by choosing Log out... from the bottom of the Apple menu in the upper left corner of the screen: 26) At the login window, click a few times with the mouse on the grey colored text below Mac OS X This technique reveals some basic status information about the workstation: Computer Name OS X Version OS X Build Serial Number of the workstation TCP/IP address of the workstation Network Account availability Current date and time of the workstation If you see Network Accounts Available with a ʻgreenʼ status indicator, you can enter an Active Directory user account and password to login to the workstation. If you see Network Accounts Unavailable with a ʻredʼ status indicator, you will only be able to login with the local user accounts on the workstation as there is a problem reaching the directory service. This ʻfeatureʼ is available on OS X and OS X Server login windows: Produced March 11, 2008 Page 8 of 8

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information