How to set up Active Directory
Nov 14, '03 10:13:00AM
Contributed by: LittleSaint
I've seen a lot of people asking how to setup Active Directory (AD), so I thought I'd post my setup which works. This assumes you have a working AD tree, properly configured DNS, and an account that can add computer objects to AD. Here's what the plug-in configuration looks like in Directory Access (located in /Applications -> Utilities):
- Active Directory Forest: forest.company.net
- Active Directory Domain: mydomain.forest.company.net
- ComputerID: mycomputer
You can make the forest the same as the domain if your users don't need to access resources outside the domain. I found this also speeds up authentication in some cases. When you click on Bind..., you have to enter a username and password that has rights to add computers. The format is just:
username
password
Advanced Settings:- Turn on the account cache if the computer will be used offline.
- Turn on multiple domains if users need to access multiple domains
- If you have more than one domain controller, you can specify the one you want to use: pdc.mydomain.forest.company.net
- Map a UID: If you don't know what this is leave it alone.
- Allow administration by: you can put an AD group name here and anyone in that group is added to the local admin group in netinfo.
Select OK, quit Directory Access, reboot.
Comments (26)
Mac OS X Hints
http://hints.macworld.com/article.php?story=20031106100001429