Anyone implemented Apple Schema Extensions in their AD

Posted on 2009-02-18
Last Modified: 2013-11-11
Have a request to extend our AD schema for Apple Schema Extensions. Up till now we have only done Microsoft schema additions such as Server 2008, Exchange 2007, etc.

Looking for some feedback from any IT professionals that have implemented Apple Schema Extensions  in their production AD.

We are going to test it in a lab but like to get some real world experiences to know if anyone has had issues, there are some known issues or concerns, or it went well .

Question by:NetworkRangers
    1 Comment
    LVL 32

    Accepted Solution

    No guarantees but...

    Apple provided 38 attributes and 10 classes to the AD schema.  These attributes can be used to store additional information for the Macs.  These are unpopulated placeholders.  According to Apple - as long as the attributes contain no information, the Macs will function as normal [that is, the behaviour of the Macs would only be affected when the information is populated (for that site).  These new attributes are managed via  the Apple Workgroup Manager tool -  this is the only LDAP browser that knows how to set the proper flags, etc for the apple policies. The engineers who manage the Mac will just need to point the Manager tool towards Active Directory to access these attributes.  
    As for Leopard, there are no known issues with the schema extensions, but please remember there are known issues with the AD plug-in on the workstations/server.  These issues are not related to Apple Schema Extensions.

    The Bottom line, we were having mny other issues after the schema extensions getting 10.5 xServe OD/AD integration to function 100%.  We moved to and have been happy since.  This plugin works very well with AD and our Mac clients 10.4 and 10.5

    Featured Post

    Enabling OSINT in Activity Based Intelligence

    Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

    Join & Write a Comment

    In this article we discuss how to recover the missing Outlook 2011 for Mac data like Emails and Contacts manually.
    Today, still in the boom of Apple, PC's and products, nearly 50% of the computer users use Windows as graphical operating systems. If you are among those users who love windows, but are grappling to keep the system's hard drive optimized, then you s…
    This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
    This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

    746 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    17 Experts available now in Live!

    Get 1:1 Help Now