![]() (3) Access to a mutually agreed upon network time server. The account should be able to create, modify, and delete computer records in the targeted OU. Best recommendation is to create an account with limited rights. It is best not to use the domain admin account as you are embedding the credentials into the profile. (2) Access to a user with domain binding rights. Manually binding a test device to the domain will prove out the presence of the records and give you an understanding of the process. They include: (1) a properly configured AD domain with the proper SVR records. However, there are some foundation requirements that need to be met. This is possible with most MDMs, including Profile Manager. For a user to login successfully on a Mac there must be at least Read Only/View rights all the way down to that particular user home folder. Bear in mind most AD administrators organise user home folders by nesting them inside other folders. When an AD user logs in they will have access to their home folder as it exists on the AD Domain but a 'Mac' home folder will also be created locally so they will need to be trained not to save data to that folder. Your PDC must resolve on both pointers Avoid the use of overly restrictive proxies as these can hamper a users working experience on Mac workstations. If you're already using it then expect random problems. If you have a Mac deployment tool you can automate this in the same way you would with SCCM when 'pushing' out your Mac imageĭNS is fundamental to this working successfully. When prompted key in the AD account name and password that has authority to join workstations to the domain. Where it says "Network Account Server" click the Join button You 'bind/join' the Macs to your Domain using the built-in tools on the Client OS (the workstations) to do this just as you would when joining your PCs to the Domain.Ĭlick on the Users & Groups Preference PaneĬlick the lock and supply the local administrator's name and password You don't use Profile Manager to allow AD users to log in.
0 Comments
Leave a Reply. |