Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 3723
  • Last Modified:

Adding MAC Machines to Windows 2003 Active Directory Network

Hi guys
I got 11 new MAC machines, I have no idea about MAC OS and how to work with it. I would like to add these machines to my network. I have active directory on windows 2003 R2. is it possible to link these machines to the domain and apply what ever policy I have on the domain ?
0
Ahmed Abdel Salam
Asked:
Ahmed Abdel Salam
  • 3
  • 3
  • 2
  • +2
1 Solution
 
fusioninternetCommented:
You can add the Mac to your existing windows network and use active directory.

However, typically you can only control permissions to directories etc through Active Directory, you can't implement Global Policies.

Apple have an article on this on their website http://www.apple.com/itpro/articles/adintegration/

If you want the Macs to have access to shares etc you need to either use Samba or to install Services for Macintosh on the Windows server, this is included as part of Win2003 Server R2.

As a note: The client version of Microsoft Windows 2000 SFM (Services for macintosh) only seems to work on Mac OS 10.1 - 10.3.

Hope this helps
0
 
heteronymousCommented:
Please do not use SFM. Even what's provided in Win2k3 server is old. As in ugly/crufty. It has not been updated by Microsoft since the days of Mac OS 9 and is never going to be updated. It is based on a seriously outdated version of AFP and you will find it horribly slow, amongst other things.

Better to use smb/cifs.

The following resources should also be helpful:

http://www.bombich.com/mactips/activedir.html

http://www.macwindows.com/AD.html
0
 
heteronymousCommented:
Also, being new to Macs and OS X, you might like to have a look at
http://docs.info.apple.com/article.html?artnum=304757
0
Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

 
fusioninternetCommented:
I agree with the above comments, although the one problem with smb is that it doesn't recognise the file creator and works of suffixes, this can be very frustrating as often Mac users (especially pre OS X) tended not to use suffixes.

One other issue is that there are a number of characters not supported by smb such as slash (/) and this can be very frustrating if you are trying to transfer existing files to the new server.

There are a couple of commercial apps which allow better support for AFP but they are quite expensive.

The network protocol issue is one that plagues Windows Server/Mac client environments and one to which there isn't really a good all round solution.

Justin
0
 
Ahmed Abdel SalamAuthor Commented:
Thanks all,
I have a small confusion .. I would like to join this Macs to my domian so I can..
1- allow my domain users to login to this machines like normal windows machines
2- each user will have access to his home folder on the server
3- allow this user to have internet access using my proxy server (ISA Server) which is authenticating these users through active directory.

please give me a step by step guide what I have to do to reach what I am looking for since I have no idea about how to work in MAC OS
0
 
Ahmed Abdel SalamAuthor Commented:
I tried to solve it. so I did the following
from directory service, I check active directory then configure then enter the domain name and click bind.
it's sucessfuly binded to the domain and it shown in my active directory
then I went to system preferance, security, disable auto login
and in directory service, authentication and choose active directory/all availble domains

when I am retstating the machine its allow me to access as admin only and there is no choise to enter domain username and password.
any ideas ?
0
 
DrNikon224Commented:
On the same pane where you disabled Autologin, there is an option to display a "list of users" or "username and password" at the login screen. If you using network authentication, you want "username and password". You won't need to specify domain in the login box, just the username and password.

If you have the network home directory locations in the right place in Active Directory, you can configure those in the Directory Access utility - double click on the Active Directory and click the Show Advanced Options arrow. You should also uncheck "force local home" if you're going to be using network home directories.
0
 
Ahmed Abdel SalamAuthor Commented:
thank you DrNikon, I got how to display user name and password, now I am able to login as a domain user but I am not getting the users home folder. even your comment is not clear for me. can you pls give more details about what need to be done.
0
 
fusioninternetCommented:
On the mac, you need to use the Directory Access utility (its located in Applications -> Utilities).

Once you launch the utility you will see an option of Active Directory, if you highlight it you can select the configure option.
0
 
mshcpartnersCommented:
i'm a long time Mac admin who's recently trying to get our Macs kerberized via Win2003/ActiveDirectory (which i have only a small bit of experience with). i can get the network login to work but i have not been able to specify a network home directory yet. that said, check the help menu of Directory Services, it's pretty full of info about how to do this. my problem is i don't understand all of the ActiveDirectory jargon.

as for using the windows server as a Mac file server, i strongly recommend using ExtremeZ-IP. we had all kinds of trouble with AFP (which is total crap) and SMB, but after installing ExtremeZ-IP we have had no problems. http://www.grouplogic.com
0

Featured Post

[Webinar] Cloud and Mobile-First Strategy

Maybe you’ve fully adopted the cloud since the beginning. Or maybe you started with on-prem resources but are pursuing a “cloud and mobile first” strategy. Getting to that end state has its challenges. Discover how to build out a 100% cloud and mobile IT strategy in this webinar.

  • 3
  • 3
  • 2
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now