AD authentication for MAC

How reliable is AD authentication for new versions of MAC like Yosemite and El Capitan. There have been issues with earlier versions of MAC OS.
How good is Windows 2012 for handling group policy for MAC? Is there custom ADMX file that could be imported on AD for implementing group policy in MAC computer. I  have connected few MACs to AD most of them are EL Capitan, if they are all reliable I am planning to join all of them of AD
LVL 4
pchettriIT DirectorAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Tim LapinComputer Consultant (Desktop analyst)Commented:
We have been using AD authentication for our Macs for several years now.  The authentication process has been fairly stable from Mountain Lion onward, with Mavericks marking a further round of improvements.

I can't speak to the Windows server side of things, alas.  Another group manages those boxes.  I can tell you that our domain forest controller is running Windows 2008 R2.  I can only hope that the newer versions have not made it worse.
1
footechCommented:
I haven't experienced any issues with our Macs authenticating against AD from Lion to present (including El Capitan).

Since Group Policy is just registry settings, and Macs are not aware of any such thing, Group Policy would have no effect.  I haven't researched this, but I think the best you could hope for would be some third-party product which might be able to read GP and translate that into something that Macs could act on.
1
pchettriIT DirectorAuthor Commented:
I was looking for group policy template to restrict USB HDD access ,password policy and monitoring through SCOM, if there are MAC based monitoring on SCOM
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Tim LapinComputer Consultant (Desktop analyst)Commented:
footech is right.  There is no group policy control for Macs via Active Directory.  Sorry for not reading your initial post more clearly.

As to managing macs, there are several products that provide some sort of management.  Most of them concern themselves with the software side (software libraries, pushing new updates, ...):
Casper by JAMF
SCCM 2012
Munki
Apple Remote Desktop management
and no doubt others.

I am not aware of any tool that provides the level you want.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
serialbandCommented:
While you can join AD from your Mac, you'll mainly get Single Sign On account password authentication.  If you want Group Policy, you'll need expensive 3rd party software.

Thursby Software's ADmit Mac
Centrify Server Suite
PowerBroker Identity Services
1
serialbandCommented:
Macs are also bsd unix systems and you can install software, configure them, and monitor them from the unix command line.
1
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2012

From novice to tech pro — start learning today.