Difference between revisions of "Active Directory/Documentation"
Jump to navigation
Jump to search
Line 64: | Line 64: | ||
*[[/Dual directory | Dual directory]] Adding an Open Directory domain running on a Mac OS X Server, also known as a "Magic Triangle" configuration | *[[/Dual directory | Dual directory]] Adding an Open Directory domain running on a Mac OS X Server, also known as a "Magic Triangle" configuration | ||
*[[/Third-party solutions | Third-party solutions]] Options include Thursby's ADmitMac or Centrify DirectControl. | *[[/Third-party solutions | Third-party solutions]] Options include Thursby's ADmitMac or Centrify DirectControl. | ||
+ | |||
+ | Additional resources: | ||
+ | #[http://images.apple.com/itpro/pdf/AD_Best_Practices_2.0.pdf Best Practices: Integrating Mac OS X with Active Directory] | ||
Issues to address: | Issues to address: |
Revision as of 09:44, 19 June 2008
Active Directory Users and Computers
Automatic Logon
Administrative Users
Automatic Updates (WSUS)
- WolfTech WSUS
- WSUS Update Policy
- Manually Install Updates
- WSUS Notification Email Template
- WSUS Management Console
- Manipulate Client Behavior Using Command-line Options
Disaster Recovery
DNS
File Servers
Folder Redirection
Distributed File System (DFS)
Group Policy
Group Policy Preferences
- Overview
- Remote Server Administration Tools
- Configuring Preferences
- Clients & Deploying Preferences
- Item-Level Targeting
Internet Explorer 7
Laptops
Macintosh
- Parallels (BME is currently beta testing)
Options for integrating Mac OS X clients with AD
With the included Active Directory plug-in, OS X can be configured to authenticate to an AD domain, and use network home directories. More comprehensive management (MCX) requires one of the 3 options below:
- Extending the AD schema Adding 38 attributes and 10 classes to the AD schema.
- Dual directory Adding an Open Directory domain running on a Mac OS X Server, also known as a "Magic Triangle" configuration
- Third-party solutions Options include Thursby's ADmitMac or Centrify DirectControl.
Additional resources:
Issues to address:
- Configuring your mac to use your UnityID/paswd (specifically, by authing against the DCs, but alternatively against the campus KDC). Plus how the laptop reacts when not on the network - should be caching.
- Adding your Mac to the domain.
- Restricting access to AD defined users.
- Printing from your domain'd mac to a Windows print server; and to a WolfCopy printer.
- ksmbprintd v1.0 (http://www.deploystudio.com/News/Entries/2008/4/7_ksmbprintd_v1.0.html / http://www.deploystudio.com/Downloads/ksmbprintd_v1.0.dmg) -- courtesy of Everette, needs to be tested.
- Accessing Windows file shares from your domain mac
- Why DFS doesn't work, or if the new OS fixes this. And steps to get around this (3rd party apps - AdmitMac) or things to look out for).
- Options to apply policies to the mac client via GP? (likely to require 3rd party apps)
- Scripts to inventory hardware/applications on your mac clients (longterm we'd want a WolfTech Collector Agent for Macs)
- AFS client for Macs
- Software distribution to Mac via GP?
Migrating
Active Directory Migration Tool (ADMT)
MS-SQL
New OU Admins
Printing
Public Labs / Kiosks
Remote Assistance
- Configuring AD for Remote Assistance
- Offering Remote Assistance
Remote Installation Services (RIS)
Scripting
Services for UNIX
Software Packaging
- Packaging Notes
- Assigning Software via Group Policy
- Windows Installer
- Manually Uninstall MSI
- Removing Ghost Installs
- Controling Licenses via GPP