Solved

Setting up Magic Triangle - integrating Mac Server Open Directory with AD on Server 2012

Posted on 2013-11-06
Last Modified: 2013-11-08
Just built a new Server 2012 as Domain Controller for the LAN, which is the first & only server on this LAN. We have 50 Macs & 50 Windows PCs, about 80% are laptops. I've met with our Apple Business team and got some great advice. The plan is to use AD for user authentication and the Mac server to handle Managed Preferences, similar to how you manage Windows machines with Group Policy.

I've created our internal Windows domain as xxxx.private since .local is used by the Bonjour service for broadcast communications I'm told.

Now the rubber is meeting the road.

My initial questions are:

1) When setting up Open Directory on the Mac OS X Server (Mavericks), do I select to create a new domain or join an existing domain?

2) Do I need DNS service running on the Mac Server too?

Thanks.
Question by:WineGeek
 

Accepted Solution

by:
nappy_d earned 500 total points
ID: 39629997
The first domain and only domain you should set up is via AD.

Once Active Directory (AD) is set up correctly, you should then add a DNS entry for the Mac OS X Server to your Active Directory domain server.

The next step would be to set up Open Directory (OD) on your Mac server.

After OD is set up, you will need to join your Mac server to AD using the Directory Utility.

After this is completed, you have your Golden Triangle and you can access AD for user and group security etc.

Do not use .local for the Macintosh; it is not recommended for use within the environment, as it can cause issues.

Author Comment

by:WineGeek
ID: 39632170
When I go to set up Open Directory on the Mac server, it asks me to choose one of the following:

( ) Create a new Open Directory domain

( ) Join an existing Open Directory domain as a replica

Which one do I choose? I don't have an existing Open Directory domain, I only have an existing AD domain.

Thanks.

Expert Comment

by:nappy_d
ID: 39632273
Choose a new Open Directory domain. For all intents and purposes OD and AD are separate domains but are sharing a single DNS infrastructure, that which you have set up with AD.
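A pre-flight DNS check for the steps in the accepted solution, as an added example that is not part of the original thread: before creating the Open Directory domain and binding to AD, it confirms the Mac server's name is not under .local and that the record added to the AD DNS server resolves. The matching reverse (PTR) check is an added assumption about what OS X Server setup expects, and the host names, addresses and the `example.private` zone are constructed.

```python
import socket

def system_lookup(rtype, name):
    """Ask the host's configured resolver; None means no record was found."""
    try:
        if rtype == "A":
            return socket.gethostbyname(name)
        return socket.gethostbyaddr(name)[0]   # PTR lookup for an address
    except OSError:                            # gaierror / herror
        return None

def norm(name):
    """Compare DNS names case-insensitively and without the trailing dot."""
    return name.rstrip(".").lower()

def preflight(fqdn, lookup=system_lookup):
    """Return a list of problems; an empty list means DNS is ready."""
    problems = []
    if norm(fqdn).endswith(".local"):
        problems.append(f"{fqdn}: .local is used by Bonjour, pick another suffix")
    addr = lookup("A", fqdn)
    if addr is None:
        problems.append(f"{fqdn}: no A record on the DNS server")
        return problems                        # nothing to reverse-check
    ptr = lookup("PTR", addr)
    if ptr is None:
        problems.append(f"{addr}: no PTR record")
    elif norm(ptr) != norm(fqdn):
        problems.append(f"{addr}: PTR is {ptr}, expected {fqdn}")
    return problems

# Constructed sample records standing in for the AD DNS zone (assumption).
SAMPLE = {
    ("A", "macserver.example.private"): "10.0.0.20",
    ("PTR", "10.0.0.20"): "macserver.example.private.",
    ("A", "oldmac.example.private"): "10.0.0.21",
    ("PTR", "10.0.0.21"): "dhcp-21.example.private.",   # stale reverse entry
}

def sample_lookup(rtype, name):
    return SAMPLE.get((rtype, norm(name)))

if __name__ == "__main__":
    for host in ("macserver.example.private", "oldmac.example.private",
                 "mac.example.local"):
        print(host, preflight(host, sample_lookup) or "OK")
```

Calling `preflight(name)` without the second argument runs the same checks against the resolver the machine is actually configured to use.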
