• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 681
  • Last Modified:

Anyone implemented Apple Schema Extensions in their AD

Have a request to extend our AD schema for Apple Schema Extensions. Up till now we have only done Microsoft schema additions such as Server 2008, Exchange 2007, etc.

Looking for some feedback from any IT professionals that have implemented Apple Schema Extensions  in their production AD.

We are going to test it in a lab but like to get some real world experiences to know if anyone has had issues, there are some known issues or concerns, or it went well .

1 Solution
nappy_dThere are a 1000 ways to skin the technology cat.Commented:
No guarantees but...

Apple provided 38 attributes and 10 classes to the AD schema.  These attributes can be used to store additional information for the Macs.  These are unpopulated placeholders.  According to Apple - as long as the attributes contain no information, the Macs will function as normal [that is, the behaviour of the Macs would only be affected when the information is populated (for that site).  These new attributes are managed via  the Apple Workgroup Manager tool -  this is the only LDAP browser that knows how to set the proper flags, etc for the apple policies. The engineers who manage the Mac will just need to point the Manager tool towards Active Directory to access these attributes.  
As for Leopard, there are no known issues with the schema extensions, but please remember there are known issues with the AD plug-in on the workstations/server.  These issues are not related to Apple Schema Extensions.

The Bottom line, we were having mny other issues after the schema extensions getting 10.5 xServe OD/AD integration to function 100%.  We moved to http://www.centrify.com and have been happy since.  This plugin works very well with AD and our Mac clients 10.4 and 10.5
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Tackle projects and never again get stuck behind a technical roadblock.
Join Now