How to manage user accounts on Mac's in Active Directory Server 2012 domain

This environment consists of about 20 Win7 PC's (mostly laptops) & 50 MacBook Air laptops running OS X 10.7 or later.

They've been using just a NAS for central storage and we're just now introducing their first server into the environment. It's running Windows Server 2012 & is a Domain Controller. It will replace the NAS for the central data store along with providing authentication for the computers & users.

I've been researching how to manage the user accounts on the Mac's. So far it seems the Magic Triangle or Golden Triangle approach might be too old school and not too management-friendly. We're definitely going to need Mobile accounts so the users can log on when out of the office. But I'm not finding a best approach yet on how to migrate these existing local user accounts to a network account without doing some hacking on the Mac.

We're looking for authentication for the domain for the Mac's as well as the ability to lock down settings on the Mac's like you can with Group Policy for Windows PC's. I'm aware of Centrify and another one like it too.

I'm just wondering what you all are doing out there who have these environments. Thanks.
WineGeekAsked:
Who is Participating?
 
nappy_dThere are a 1000 ways to skin the technology cat.Commented:
Unfortunately, you will have to migrate the data of their accounts from the local to network accounts.

As you have been discovering, Active Directory and a solution such as Centrify would be the go to choice for a single point of management.

If budget for your company is tough maybe just use AD to bind the Macs for authentication.  The users will not be given administrative privileges.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.