RE: [Rockies-Edu] Basic AD/OD Triangle Question
RE: [Rockies-Edu] Basic AD/OD Triangle Question
- Subject: RE: [Rockies-Edu] Basic AD/OD Triangle Question
- From: "Hoffmann, Chuck" <email@hidden>
- Date: Fri, 13 Aug 2010 13:42:51 -0600
- Acceptlanguage: en-US
- Thread-topic: [Rockies-Edu] Basic AD/OD Triangle Question
Thanks Corey. I think we are set. Just working with DeployStudio now to get some imaging / binding tasks set up.
-----Original Message-----
From: rockies-edu-bounces+hoffmann_c=email@hidden [mailto:rockies-edu-bounces+hoffmann_c=email@hidden] On Behalf Of Corey Carson
Sent: Thursday, August 12, 2010 4:09 PM
To: email@hidden
Subject: Re: [Rockies-Edu] Basic AD/OD Triangle Question
Hi Chuck,
Your SysAdmin is right...binding the server to AD isn't required. If you want login window and home folder mapping to work properly, though, you need to take that step. When you bind the server to AD, then promote the server as an OD Master, it utilizes the Kerberos realm from AD. That realm is the single sign-on goodness that makes mapping to home folders AND authentication, etc. just work.
Let me know if you'd like more details, or if there's another path you'd like to go.
Thanks,
Corey
----------------
Corey Carson
Apple Education
Colorado, Wyoming and Montana
303.378.7193
800.800.2775 (Tech Support)
Rockies-edu listserve:
http://bit.ly/rockies-edu
----------------
On Aug 12, 2010, at 2:18 PM, Michael T. Scott wrote:
>> When I bind my clients to OD and AD my authentication search policy is set to Open Directory followed by Active Directory. So, the clients are authenticating primarily to the Open Directory server which has the AD credentials. Are the clients binded to AD just as a backup; so that if the OD server goes down the clients can still authenticate directly to AD?
>>
>> Thanks for any help; I have a Sys Admin that is insisting that the OSX server does not have to be bound to AD, just the clients need to be bound to AD and OD. If I understand correctly, this setup would not allow the clients to retrieve the Workgroup Manager settings.
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Rockies-edu mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Rockies-edu mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden