Anyone have any good resources or howtos to add my macbook air (2011) to a windows AD Domain (Windows 2008 R2). I want to be able to add the computer to the domain, use a domain account to login, and possibly have a roaming profile and / or login script run from the domain controller.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Adding Macbook Air to Windows Domain
- Thread starter tech324
- Start date
- Sort by reaction score
https://forums.macrumors.com/threads/1192732/
This is a pretty good example within this forum that describes a greater problem with OSX Lion that is pretty rampant out in the interwebs. I remember working with OSX beta and .1 in testing out the beginning AD plugins and I thought they had this well settled. Well looks like it is a bugaboo again. FYI, its in accounts, login options, join network.
This is a pretty good example within this forum that describes a greater problem with OSX Lion that is pretty rampant out in the interwebs. I remember working with OSX beta and .1 in testing out the beginning AD plugins and I thought they had this well settled. Well looks like it is a bugaboo again. FYI, its in accounts, login options, join network.
I've setup about a dozen of the 2011 MBA machines, all running Lion from 10.7.1 up to the latest 10.7.3 and every one of them has bound to our Win2k3 domain without a problem. On every machine I've gone into System Preferences > Users & Groups > Login Options > Join (Network account server) > Open Directory Utility. I open the Active Directory section, point at my FQDN and select advanced options. The boxes I check are:
User Experience
- Create mobile account at login
- Require confirmation before creating
Administrative
- Prefer this DC > Point at local DC since my GC is remote
- Allow administration by
- Allow authentication from any domain in the forest
I hit OK, enter my domain admin credentials and binding is complete. I've had no problem using domain authentication to connect to SMB shares after setting up binding and mobile accounts haven't had any issues signing in when not connected to the network. Maybe I've just been lucky a dozen times in a row, but I don't see where the Lion/AD issue comes into play.
User Experience
- Create mobile account at login
- Require confirmation before creating
Administrative
- Prefer this DC > Point at local DC since my GC is remote
- Allow administration by
- Allow authentication from any domain in the forest
I hit OK, enter my domain admin credentials and binding is complete. I've had no problem using domain authentication to connect to SMB shares after setting up binding and mobile accounts haven't had any issues signing in when not connected to the network. Maybe I've just been lucky a dozen times in a row, but I don't see where the Lion/AD issue comes into play.
Im guessing the difference is 2008 vs 2003. Mind you, I have had no experience with binding to AD since OS 10.3 and Windows 2000 domain, and it was working pretty darn well then.
Conveniently I just opened a brand new 13" MBP and now I can't bind it to the domain. First one out of about 30 that we've done so far since Lion came out. Did too much Googling and came up empty handed. The terminal commands both respond saying that no action was requested, date/time are spot on within 1 minute of the server, I can ping all DCs in the domain, single domain forest, confirmed my account is not locked and is still domain admin, no available system updates, made sure an existing domain object didn't already exist for the computer name......starting to think this user is going to get sent out with a local account which is irritating.