Yes this post has to do with Apple Mac but also it involves Active Directory.
A few weeks ago we introduced three MacBook Pro’s to our work network which was a bit of a challenge to join to our Windows Domain. After going through numerous tutorials and walk-through’s and still not being able to get it working, I just changed one little setting that seemed to be the key to solving the problem, turned out that it was exactly what needed to be changed.
Firstly these laptops are running Snow Leopard. The server is running Windows Server 2008 Enterprise R2. The Active Directory Domain Services Role installed.
- On the Mac, open System preferences –> Network (click the lock and put in your admin user name and password if its not already unlocked)
- Choose the connection type that you wish to use, I’ve chosen Ethernet for this example.
- This point is the key to getting it working. In the DNS Server: you must put the server IP address that runs your Active Directory Services. As you can see in the picture below the router is 192.168.12.1, this IP address will work as the DNS server on a machine running Windows, but not for Mac. For the Mac we use 192.168.12.6 in this example because this server is running the Active Directory Domain Services which consists of the Active Directory and DNS. With Server 2003 this used to be two separate roles on the server.
- Make sure to use the IP address of your server running Active Directory Domain Services!
Click the advanced button
Image may be NSFW.
Clik here to view.
The advanced settings below, click the add button (+), Add your DNS Server, ignore the column on the right so long, that will be added automatically later.
Image may be NSFW.
Clik here to view.
Now for the actual adding to the domain.
- Open System preferences again, the click Accounts
- Click Login Options then Edit (Unlock the settings at the bottom if needed)
Image may be NSFW.
Clik here to view.
Next you’ll get a box coming up, click the Open Directory Utility button. (I’ll be using the advanced settings for this example)
Image may be NSFW.
Clik here to view.
Click the box next to Active directory, then click it to make sure its selected, then click the edit button (it looks like a pencil)
Image may be NSFW.
Clik here to view.
- In this screen you’ll have the option to unhide the Advanced Options, go ahead and do this.
- Make sure to enter your computers name, it must be the name that you gave it when doing the configuration after installing. The “Active Directory Forest field will populate itself once it has joined the domain.
- Fill in the field for Active Directory Domain.
- In the User experience make sure the boxes are ticked like in my screen-shot.
- We aren’t concerned about the Mappings tab.
- So on to the Administrative tab.
Image may be NSFW.
Clik here to view.
- Tick “Prefer this domain server:”. Now type in the name of your server that we mentioned earlier, not the IP address.
- Tick the last box to allow authentication from any domain.
Image may be NSFW.
Clik here to view.
- Once everything is filled in and changes made, you can click the Bind button. It will ask you for the Mac admin password then it will ask for a Use rname and Password so that it can authenticate with the server. I used the servers Administrator login and password for this.
- After the Mac has been joined to the domain you can logout, then at the login screen you can put in any user details that you have on your Active Directory. It must be a valid user on the domain, also the password must be the one that was set on Active Directory for that user.
- Once you put in the details and login it will create an account on the Mac. Any logon scripts that you have set on the server will also apply to the Mac.