We help IT Professionals succeed at work.

Adding MAC Machines to Windows 2003 Active Directory Network

3,770 Views
Last Modified: 2012-06-27
Hi guys
I got 11 new MAC machines, I have no idea about MAC OS and how to work with it. I would like to add these machines to my network. I have active directory on windows 2003 R2. is it possible to link these machines to the domain and apply what ever policy I have on the domain ?
Comment
Watch Question

Unlock this solution and get a sample of our free trial.
(No credit card required)
UNLOCK SOLUTION
Please do not use SFM. Even what's provided in Win2k3 server is old. As in ugly/crufty. It has not been updated by Microsoft since the days of Mac OS 9 and is never going to be updated. It is based on a seriously outdated version of AFP and you will find it horribly slow, amongst other things.

Better to use smb/cifs.

The following resources should also be helpful:

http://www.bombich.com/mactips/activedir.html

http://www.macwindows.com/AD.html
Also, being new to Macs and OS X, you might like to have a look at
http://docs.info.apple.com/article.html?artnum=304757
I agree with the above comments, although the one problem with smb is that it doesn't recognise the file creator and works of suffixes, this can be very frustrating as often Mac users (especially pre OS X) tended not to use suffixes.

One other issue is that there are a number of characters not supported by smb such as slash (/) and this can be very frustrating if you are trying to transfer existing files to the new server.

There are a couple of commercial apps which allow better support for AFP but they are quite expensive.

The network protocol issue is one that plagues Windows Server/Mac client environments and one to which there isn't really a good all round solution.

Justin
Ahmed Abdel SalamPh.D. Candidate

Author

Commented:
Thanks all,
I have a small confusion .. I would like to join this Macs to my domian so I can..
1- allow my domain users to login to this machines like normal windows machines
2- each user will have access to his home folder on the server
3- allow this user to have internet access using my proxy server (ISA Server) which is authenticating these users through active directory.

please give me a step by step guide what I have to do to reach what I am looking for since I have no idea about how to work in MAC OS
Ahmed Abdel SalamPh.D. Candidate

Author

Commented:
I tried to solve it. so I did the following
from directory service, I check active directory then configure then enter the domain name and click bind.
it's sucessfuly binded to the domain and it shown in my active directory
then I went to system preferance, security, disable auto login
and in directory service, authentication and choose active directory/all availble domains

when I am retstating the machine its allow me to access as admin only and there is no choise to enter domain username and password.
any ideas ?
On the same pane where you disabled Autologin, there is an option to display a "list of users" or "username and password" at the login screen. If you using network authentication, you want "username and password". You won't need to specify domain in the login box, just the username and password.

If you have the network home directory locations in the right place in Active Directory, you can configure those in the Directory Access utility - double click on the Active Directory and click the Show Advanced Options arrow. You should also uncheck "force local home" if you're going to be using network home directories.
Ahmed Abdel SalamPh.D. Candidate

Author

Commented:
thank you DrNikon, I got how to display user name and password, now I am able to login as a domain user but I am not getting the users home folder. even your comment is not clear for me. can you pls give more details about what need to be done.
On the mac, you need to use the Directory Access utility (its located in Applications -> Utilities).

Once you launch the utility you will see an option of Active Directory, if you highlight it you can select the configure option.
i'm a long time Mac admin who's recently trying to get our Macs kerberized via Win2003/ActiveDirectory (which i have only a small bit of experience with). i can get the network login to work but i have not been able to specify a network home directory yet. that said, check the help menu of Directory Services, it's pretty full of info about how to do this. my problem is i don't understand all of the ActiveDirectory jargon.

as for using the windows server as a Mac file server, i strongly recommend using ExtremeZ-IP. we had all kinds of trouble with AFP (which is total crap) and SMB, but after installing ExtremeZ-IP we have had no problems. http://www.grouplogic.com
Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a sample view!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.