Re: [Rockies-Edu] Basic AD/OD Triangle Question
Re: [Rockies-Edu] Basic AD/OD Triangle Question
- Subject: Re: [Rockies-Edu] Basic AD/OD Triangle Question
- From: Corey Carson <email@hidden>
- Date: Thu, 12 Aug 2010 16:09:00 -0600
Hi Chuck,
Your SysAdmin is right...binding the server to AD isn't required. If you want login window and home folder mapping to work properly, though, you need to take that step. When you bind the server to AD, then promote the server as an OD Master, it utilizes the Kerberos realm from AD. That realm is the single sign-on goodness that makes mapping to home folders AND authentication, etc. just work.
Let me know if you'd like more details, or if there's another path you'd like to go.
Thanks,
Corey
----------------
Corey Carson
Apple Education
Colorado, Wyoming and Montana
303.378.7193
800.800.2775 (Tech Support)
Rockies-edu listserve:
http://bit.ly/rockies-edu
----------------
On Aug 12, 2010, at 2:18 PM, Michael T. Scott wrote:
>> When I bind my clients to OD and AD my authentication search policy is set to Open Directory followed by Active Directory. So, the clients are authenticating primarily to the Open Directory server which has the AD credentials. Are the clients binded to AD just as a backup; so that if the OD server goes down the clients can still authenticate directly to AD?
>>
>> Thanks for any help; I have a Sys Admin that is insisting that the OSX server does not have to be bound to AD, just the clients need to be bound to AD and OD. If I understand correctly, this setup would not allow the clients to retrieve the Workgroup Manager settings.
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Rockies-edu mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden