AUGD: How to connect Leopard to Active Directory
- Subject: AUGD: How to connect Leopard to Active Directory
- From: "Gilbert Palau" <email@hidden>
- Date: Thu, 15 Nov 2007 17:31:09 -0500
I am writing this in case there are people out there with problems
joining a Leopard machine to an Active Directory domain. Last week we
had to do this to add some of the new iMacs in the office to our
Active Directory (AD from here on), and it was a pain... So after I
found everything we needed, I decided to compile an easy guide for
everyone else who is in the IT realm to have on the side just in case
you need to add a system like we did.
The main problem is a protocol Leopard uses called Bonjour. Bonjour,
also known as zero‐configuration networking, enables automatic
discovery of computers, devices, and services on IP networks. Bonjour
uses industry standard IP protocols to allow devices to automatically
discover each other without the need to enter IP addresses or
configure DNS servers. Kind of like a .NET for networks. So if you
have the printers, networks, and drive shares configured using Bonjour,
all machines with the proper access can talk to those devices without
further configuration. Bonjour adds the .local surname to any machine
name it's attached to.
Hence the problem.
Our domain in SAMPLECOMPANY (for this example) uses COMPANY, but in
the AD architecture it's COMPANY.LOCAL. This event caused a conflict
with the authentication, since the machine in question was
marketingimac.company.local.local
The solution for this relies on two different ways to do it. It can be
done either way…
1. Rename the AD domain to something else instead of .local
(.internal, or .edu, or .net or .org). If
2. Stop the Bonjour daemon from running on OS X Leopard. You can do
this with an application called iServeBox, which is a free open source
utility to manage daemons in OS X. You can get the application from
here: http://www.hanynet.com/iservebox/index.html
I turned off the Bonjour daemon. Then I proceeded with the following
steps to add the iMac to the domain:
1. Go to the Directory Utility ‐> /Applications/Utilities/
2. Click the Advanced Settings Button ‐> Buttons should appear on the top
3. Click Services
4. Make sure you're authenticated to make changes -> click the lock and log in
5. Double-click Active Directory
6. Type in your domain in "Active Directory Domain" -> ex.
(mydomain.com). Watch out if your domain ends with .local as opposed to
.com or .net: you need to disable Bonjour if it ends with .local.
7. Click Bind
8. Enter the username and password -> just the username, NOT
email@hidden or MYDOMAIN\User
9. Click OK.
Hope this helps people having trouble adding a Leopard Mac to an
Active Directory Domain.
--
Gilbert Palau
network engineer, MSCE, ASE
email@hidden
"If you talk to God you are religious. If God talks to you, then
you're psychotic -Dr. House, MD"
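Added example, not part of the original message: a small shell pre-flight check for the two pitfalls in the steps above, a domain ending in .local (step 6) and a user name entered as DOMAIN\user or user@domain (step 8). The function names and sample values are hypothetical.

```shell
#!/bin/sh
# Added example: pre-bind checks for the two pitfalls in the steps above.
# Function names and sample values are hypothetical (constructed).

# Return 0 when the AD domain ends in .local (case-insensitive), the
# suffix Bonjour also uses, so the bind needs one of the two fixes.
domain_ends_in_local() {
    d=$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')
    d=${d%.}                       # tolerate a trailing root dot
    case "$d" in
        local|*.local) return 0 ;;
        *)             return 1 ;;
    esac
}

# Reduce "MYDOMAIN\user" or "user@domain" to the bare user name that
# step 8 asks for; a bare name passes through unchanged.
bare_username() {
    u=$1
    u=${u##*\\}                    # drop everything up to the last backslash
    u=${u%%@*}                     # drop "@domain" and anything after it
    printf '%s\n' "$u"
}

# Print a short report for one bind attempt; status 1 flags a conflict.
prebind_report() {
    domain=$1
    user=$(bare_username "$2")
    echo "bind user : $user"
    if domain_ends_in_local "$domain"; then
        echo "domain    : $domain (ends in .local, conflicts with Bonjour)"
        return 1
    fi
    echo "domain    : $domain (no .local suffix)"
    return 0
}

# Constructed sample input.
prebind_report "COMPANY.LOCAL" 'MYDOMAIN\jdoe' || echo "fix the .local conflict first"
prebind_report "mydomain.com" "jdoe@mydomain.com"
```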