This is actually the same problem we are tackling this summer. If you have
another tech person, you should let that person deal with the whole Mac
integration issue. This can eat up some time if you have a busy summer
schedule as you discover nuances in the binding, manage preferences, and
other issues you may not have thought of (1-2 weeks).
I can give you some thoughts about the situation.
Mac OS 10.4:
Does not integrate well with Active Directory. There is a way to do this,
but it will take some time to resolve. I know of a public school in my area
that uses Extremez-IP to resolve this situation. Unfortunately, we are
trying to phase out the 10.4 computers and it will cost us about $4,000 to
implement a 100 concurrent session software. It can be more cost effective
than purchasing Active Directory Binding clients.
Mac OS 10.5:
Integrates with Active Directory very well. The home folders show up as
predicted. Though you don't get the manage preferences, so we also bind the
computer to Open Directory on the XServe.
Active Directory Binding Helpers:
- ADmit Mac (client only)
- New Centrify (client only)
- Likewise (they have a free client version)
- Extremez-IP (server side only, client software not necessary)
Pushing the Binding:
As for the actual binding process, we purchase JAMF Casper Suite for our Mac
management. We push the binding configuration from the server instead of
doing it on the computers. It saved us a load of time from doing everything
manually. Instead of pushing out monolithic images, we push out modular
packages that allows us to customize groups of computers quickly.
Brian Lee
Manlius Pebble Hill School
> From: Renee Ramig <rramig@sevenhillsschool.org>
> Reply-To: A forum for independent school educators <ISED-L@LISTSERV.SYR.EDU>
> Date: Wed, 8 Jul 2009 12:27:28 -0700
> To: <ISED-L@LISTSERV.SYR.EDU>
> Subject: Mac on AD
>
> I know this has been posted here before, but of course, I didn't need to
> know how to do this at the time :)
>
> We were a 95% PC school (with Macs laptops only in our K-1 classrooms).
> But, I bought a cart of Macs to use in our middle school, primarily for
> video.
>
> I need to be able to have these Macs authenticate to my Active
> Directory. What is the easiest way to do this? The main reason I want
> this, is I am going to be using a content filter and bandwidth
> optimization appliance soon, and all users and groups need to be in my
> AD.
>
> Thanks,
>
> Renee Ramig
> Seven Hills School
>
> [ For info on ISED-L see http://www.gds.org/ISED-L ]
> Submissions to ISED-L are released under a creative commons, attribution,
> non-commercial, share-alike license.
> RSS Feed, http://listserv.syr.edu/scripts/wa.exe?RSS&L=ISED-L
[ For info on ISED-L see http://www.gds.org/ISED-L ]
Submissions to ISED-L are released under a creative commons, attribution, non-commercial, share-alike license.
RSS Feed, http://listserv.syr.edu/scripts/wa.exe?RSS&L=ISED-L
