How to bind OSX 10.4 Server to AD for client authentication...
Posted on 2007-03-19
I must start out by saying that I am a relative newbe to the Apple world, and while i have a basic knowledge of AD and how it works pelase do not omit any small details or assume that i will know what you are talking about!
Okay, I am a System Administrator at a medium-sized high-school (we have around 200 student workstations (PCs) and another 100 staff laptops (mix of Apple and IBM). The school has just purchased a shiny new Xserve, 12 MacPro's, and 40 MacBooks.
The idea is that we would like the users to be able to log-on to any of the Macs with their AD username and password. The catch is that for those students doing a subject such as Art or Media, they need to have a home directory on the Xserve. So if a student does not have a home directory on the Xserve, they just log on and use the computer, saving ot their NT home directory, whereas an art student comes along, puts in their own account and are presented with their home folder on their desktop.
I need somebody to walkthrough binding the Xserve to the AD server and then setting up authentication that way... i'm not sure if all of the clients need to be bound to the AD server as well... i would prefer if they didnt, but if that's what has to happen, so be it.
The logic i invisige is this: (excuse my crude diagram)
[AD Server]-------[Xserve]-------([Mac Clients])
It would be great if i could just set up a user group in AD for those students who need a specific Xserve Home directory, but this could also just as easily be done on the Xserve itself.
Sorry if I am not making any sense, please ask any questions that you need to clarify anything.
Thankyou in advance,