Solved

OS X 10.5.5 integration with Active Directory

Posted on 2008-10-27
6
1,706 Views
Last Modified: 2013-11-12
I'm trying to get a couple macs on my Windows AD network and I'm having a few issues.

First of all, this is what I want to have happen: When you boot up a Mac I want to see the login/password screen and allow network AD users to log into the computer.

And this is what I've done so far:

1. Enabled the Active Directory server in the Directory Utility
2. Added my AD directory server (and it's reporting that it is responding normally)
3. Within the Active Directory advanced settings:
    a. Checked "Create mobile account at login"
    b. Unchecked "Require confirmation before creating a mobile account"
    c. Unchecked "Use UNC path from AD to derive network home location"
4. Within the System Pref. Accounts:
    a. Set Automatic login to disabled
    b. Set display login window as name and password

I believe I also need to check the option that says "Allow network users to login to this computer" but it doesn't seem to be showing up. So the end result is, I can only login using my local credentials - no AD user.

WHat am I missing??? Thx!
0
Comment
Question by:graphicodyssey
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 28

Accepted Solution

by:
jhyiesla earned 500 total points
ID: 22820533
I login every day with my AD credentials. I've done pretty much what you have done with the exception of creating the mobile user account and I don't specify the name and password option, but that shouldn't have anything to do with your missing field.

The option you want lives in the Accounts System Preferences and can be accessed by clicking on the Login Options button on the left side of the window. If it's there, but grayed out, click on the padlock, if it's closed, and enter in your local admin credentials, then you will be able to change those options.
0
 

Expert Comment

by:curwengroup
ID: 22857570
What hardware platform are your Mac's?
The reason i'm asking i that in the past we have had great success with Macbooks and iMac's joining Active directory, but MacBook Pro's and Mini's have always had an issue of some sort.
0
 
LVL 28

Expert Comment

by:jhyiesla
ID: 22857596
I am using a fairly new Intel-based Mac Pro running 10.5.5. When I first bound my Mac to AD, it was running 10.5.3 and I've upgraded since then to 10.5.5.  
0
Creating Instructional Tutorials  

For Any Use & On Any Platform

Contextual Guidance at the moment of need helps your employees/users adopt software o& achieve even the most complex tasks instantly. Boost knowledge retention, software adoption & employee engagement with easy solution.

 
LVL 1

Author Comment

by:graphicodyssey
ID: 22857602
So I walked through all the steps again this time and viola... the "Allow network users" checkbox showed up in the control panel and I was able to finally authenticate using an NT user.

I think the problem had to do with how I was connecting to the LAN. I was connected to the work LAN via a Cisco VPN client. The AD binding worked fine, but the Mac OS must need to see the AD network when booting up (and unfortunately the Cisco VPN client for Macs does not support that). When I created the binding the second time, I was at the office on the LAN so I didn't have to use the VPN client. Now that I was on the LAN once, Im able to be remote and it still works great.

Thanks everyone for your help.
0
 
LVL 1

Author Comment

by:graphicodyssey
ID: 22857605
BTW, I'm using a Mac Book Pro.
0
 
LVL 1

Author Comment

by:graphicodyssey
ID: 22857612
One other comment - that checkbox wasn't grayed out - it simple wasn't there - regardless of clicking on the padlock to change the settings. But once I connected to the network directly, it showed up fine.
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question