We help IT Professionals succeed at work.

Adding Macs to AD Domain, accessing windows shares, printers, etc...

tenover
tenover asked
on
Our company would like to begin bringing MacBooks in to the domain as client computers in the near future.  We run an Active Directory domain with file shares, Exchange,printers, SQL, etc... I realize that they will all need VMWare Fusion to run Windows virtual machines for some things, but what's the easiest way to at least have the MacBooks authenticate against AD, login to the domain, access file shares PERSISTENTLY (so it is automatic when they are in the office) and access network printers?
Comment
Watch Question

The following instructions apply to Leopard--I'm not sure if this would apply to earlier versions of OS X:

1) From Finder, select Go-->Utilities from the menu
2) Run "Directory Utility"
3) Click the little padlock, and enter a Mac admin's credentials to unlock it
4) Click on "Show Advanced Settings"
5) When the toolbar appears, select "Services" and then select "Active Directory" checkbox
6) Next, select "Directory Servers" from the toolbar, then click the "+" button to add your AD domain server
7) In the top drop-down box "Add a new directory of type," select "Active Directory".
8) Enter the name of your domain (I used FQDN nomenclature as in "mydomain.com"), then enter the username and password of a Domain Admin that is authorized to add computers to the AD directory and click OK
9) In the directory servers list, you should now see your domain with a little green light next to it and the message "This server is responding normally."
10) Now log off.
11) If the Mac is configured to show a list of users at login, select "Other" at the bottom. Enter your domain logon credentials: "mydomain\username" and your password. The machine will pause a minute to create new user folders, and then you're in AND you have access to all of your network shares without entering your name and password again.

That's it! What's cool is that any domain user can now log on to the machine without a local account being set up first.

Some caveats:

You will have trouble if the domain userID happens to match the short name of a local Mac account, e.g., if there is a local account named "Rich" and a domain user "mydomain\Rich" this will not work properly--it won't create new user folders for the domain user.

If you ARE running Leopard, make sure you're up to date. I was reading some complaints in another forum that AD integration was broken in Leopard prior to 10.5.2. I haven't personally verified that this is true, but just a word to the wise...

Hope this helps, have fun!

Author

Commented:
Thank you.

Explore More ContentExplore courses, solutions, and other research materials related to this topic.