Jump to content

Apple macs and Active Directory integration


buzzinh

Recommended Posts

Hey guys.

Ok this may take a bit of explaining. :unsure:

I work @ A high school in the uk as an IT techi.

We have a 2003 server active directory network and the usual exchange server + IIS setup.

We have been given the task of ADDING a suite of 20 Intel iMacs to the network.

My problems:

- We want to restrict the macs to they can't be messed with by the kids

- We want a "server" for 1TB of storage

- Seemeless integration into AD (logon with same credentials as on windows PC)

- Lock down directories on the "server" per active directory account.

- keep files on the "server" (imovie/photoshop etc..) out of the users main home drive on the main networkso not to impact current backup sizes (imovie files can get large)

- Manage setup of macs via a Group policy type thing (can osx server do this/is it poss in 2003 server)

- we don't want loads of admin crap like copy user accounts and creatin user areas with permisions we want it seemless.

and the Main issue im trying to find the answer to. Would this be best done with an apple xserv ADDED as a scondaty domain controller to the Win 2003 AD. so the macs would auth to the domain+active directory or should we just buy another dell server (we have several and get good deals from dell in edu) wack 2003 server on it and auth to that from the macs)

or

put by boss what functionality does a mac osx server give us OVER macs directly connected to active directory given that we don't want to do loads of admin to get user accounts in and user areas setup on the "server"

some of this may not make sense as i don't have a mac here / any macs here, i have not used leopard yet and i don't have a mac at home.

I hope (to avoid critism) that i have fully explained everything clearly and fully...althought knowing me and the flat stress/panik im in about this probably not. :unsure:

thanks.

Buzzinh (ollie)

Link to comment
Share on other sites

Hey guys.

Ok this may take a bit of explaining. :unsure:

I work @ A high school in the uk as an IT techi.

We have a 2003 server active directory network and the usual exchange server + IIS setup.

We have been given the task of ADDING a suite of 20 Intel iMacs to the network.

My problems:

- We want to restrict the macs to they can't be messed with by the kids

- We want a "server" for 1TB of storage

- Seemeless integration into AD (logon with same credentials as on windows PC)

- Lock down directories on the "server" per active directory account.

- keep files on the "server" (imovie/photoshop etc..) out of the users main home drive on the main networkso not to impact current backup sizes (imovie files can get large)

- Manage setup of macs via a Group policy type thing (can osx server do this/is it poss in 2003 server)

- we don't want loads of admin crap like copy user accounts and creatin user areas with permisions we want it seemless.

and the Main issue im trying to find the answer to. Would this be best done with an apple xserv ADDED as a scondaty domain controller to the Win 2003 AD. so the macs would auth to the domain+active directory or should we just buy another dell server (we have several and get good deals from dell in edu) wack 2003 server on it and auth to that from the macs)

or

put by boss what functionality does a mac osx server give us OVER macs directly connected to active directory given that we don't want to do loads of admin to get user accounts in and user areas setup on the "server"

some of this may not make sense as i don't have a mac here / any macs here, i have not used leopard yet and i don't have a mac at home.

I hope (to avoid critism) that i have fully explained everything clearly and fully...althought knowing me and the flat stress/panik im in about this probably not. :unsure:

thanks.

Buzzinh (ollie)

Buzzinh,

I'm not super familiar with integrating macs with AD, but I do know that for full integration, you need to have an X Serv. There is documentation that Apple has for doing the integration, and AFAIK, it gives you full AD control over of the macs the same as 2k3 with all of Windows. I'm sorry that I can't give you specifics, but I know its out there, and if you can talk to Apple Enterprise when your boss wants to move forward, 1) they can probably cut you some good deals due to volume and education, 2) They can send a rep and an engineer down to show you how to do the integration with Windows and AD.

--Wess

Link to comment
Share on other sites

Wess

Thanks muchly for the advice. I think thats the best route to get someone down to talk to us because its kind of a unknown for us and i know there is alot of questions my boss would want to ask.

Thanks again for reply

Ill let you know how it goes.

Cheers

BuzzinH (Ollie)

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...