Mark Minasi's Reader Forum
Mark Minasi's Reader Forum
Home | Profile | Register | Active Topics | Active Polls | Members | Search | FAQ | Minasi Forum RSS Feed
 All Forums
 HALP! Questions on Windows and Windows Server
 Macintosh integration
 Current state of Mac integration?

Note: You must be registered in order to post a reply.
To register, click here. Registration is FREE!

Screensize:
UserName:
Password:
Format Mode:
Format: BoldItalicizedUnderlineStrikethrough Align LeftCenteredAlign Right Horizontal Rule Insert HyperlinkInsert EmailInsert Image Insert CodeInsert QuoteInsert List
   
Message:

* HTML is OFF
* Forum Code is ON
Smilies
Smile [:)] Big Smile [:D] Cool [8D] Blush [:I]
Tongue [:P] Evil [):] Wink [;)] Clown [:o)]
Black Eye [B)] Eight Ball [8] Frown [:(] Shy [8)]
Shocked [:0] Angry [:(!] Dead [xx(] Sleepy [|)]
Kisses [:X] Approve [^] Disapprove [V] Question [?]

 
Note: please do not cross-post.
Cross-postings will be deleted and ignored.
Thanks for helping to keep this forum junk-free!
Check here to subscribe to this topic.
   

T O P I C    R E V I E W
Endaar Posted - 03/29/2012 : 2:28:15 PM
Hi All,

I'm in K-12, which means every year or so someone in administration gets the bright idea to start bringing in Macs. I'm hearing rumblings again in this direction, so I figured I'd ask...what's the current state of Mac integration with AD/NTFS/etc.

Can they authenticate against AD? Any schema changes necessary?

Can they read/write NTFS? Is that fully supported? Anyone have experience with it?

Etc..etc...

Thanks,
James
12   L A T E S T    R E P L I E S    (Newest First)
JQuinn Posted - 10/02/2012 : 08:26:31 AM
Just my two cents:

We bind all of our mac's to our AD mostly without issue. I say that because for several users on 10.7 their windows home drive comes up with a "no" sign on it although permissions are set properly. Besides that we have 100 macs all accessing windows file servers without issue. We are in the process of migrating off of a mac server to a windows cluster with ExtremeZIP installed which lets the mac clients speak native AFp to the windows file servers, a very helpful product. It will still let them color their folders and use the illegal characters that windows would throw up on.

I believe there is also a product called centrify which helps with AD as well.

HTH,
James
Rastor728 Posted - 06/04/2012 : 10:35:00 AM
http://www.apple.com/macosx/server/

http://www.apple.com/remotedesktop/

this tool is for remote management and monitoring of OS X workstations/servers including Application deployment and profile management, can also use VNC to Windows workstations if installed as well) and is not like Windows Remote Desktop (Remote Desktop Services)

If you are going to try Windows Active Directory Integration (Network home folders, Windows File Shares etc), getting at least one OS X Server system up and running with Apple Remote Desktop will give you the best tools to start with.


http://www.macwindows.com/adinstruct.html

Will give you some other items to configure and other configuration help from Microsoft and Apple.
nickw Posted - 06/02/2012 : 09:58:19 AM
We are now selling about 1 mac client in every 5 desktops... more and more are moving to the platform, myself included.

I am looking for good software to manage the mac "Group Policy" on a network, so any advice welcome in additon to above.
Btil Entrails Posted - 05/01/2012 : 5:56:43 PM
Support of Windows AD (2003 Server) / Mac OD (AD/OD) environments was no issue, until Apple decided to stop creating a true server that would allow you to point AD user profiles to the AFP or Mac storage. I know that Apple sells a little cube that they are calling a server device today, but it is not the same as was used in the past.

We still have this configuration up and running and it will support our school for a couple more years. Can only hope that Apple decides to move back into a true solution of supporting Apple laptops / workstations in a school or corporate world with real management tools that are seeing support and integration with Windows AD, but I will not hold my breath for this one.

Since Apple has moved away from any type of support or machine management, a third party vendor is the solution that Apple sales staff is pushing for schools and I know it is being used in the corporate world as well. Not a user, just offering some direction to make life better. http://www.jamfsoftware.com/
Rastor728 Posted - 03/30/2012 : 1:10:55 PM
One place I found with some of the "old" hints and looks like some new articles is www.macwindows.com/adinstruct.html
Endaar Posted - 03/30/2012 : 11:43:25 AM
quote:
This is writing to a mapped (NTFS) drive over the network?

Correct, although I've also seen comments about NTFS on external (local) HDDs.
aval Posted - 03/30/2012 : 11:41:40 AM
quote:
I'm really not clear on the NTFS support though. I have done a lot of searching, and almost everything I see talks about 3rd party drivers for NTFS. Yes there seems to be some built-in ability to read/write NTFS in the most recent couple of versions of OSX, but there are reports of instability, data corruption, inability to write to external HDDs, etc.


This is writing to a mapped (NTFS) drive over the network?

To be honest, I've tested it with a couple documents and they seemed to save OK and I was able to open them. I only have one user that might do this on a day-to-day basis and she has not mentioned any problems - so far.
Rastor728 Posted - 03/30/2012 : 11:13:20 AM
In my tenure as a K-12 Administrator, the biggest problem in file shares and AD integration was that many Macintosh users include punctuation in file and folder names such as Question marks, Exclamation Points, Percent Signs, Slashes, Double Slashes etc.

Things like that don't play well between the formats.

Ever since OS 10.2 and 10.3 the AD Integration worked pretty well when creating and assigning network home folders for Desktop computers. Roaming profiles and offline files for portable MACs was a little more tricky.

Especially if you have users alternating back and forth between the two systems on a daily or regular basis.
pretzeldude Posted - 03/30/2012 : 09:07:20 AM
We've had all sorts of problems with MAC clients accessing SMB shares. There's a ton of information on this site: http://www.macwindows.com/lion-filesharing.html

I'm exploring the possibility (depending on time/budget) of getting this product. It is supposed to help with bridging the functionality issues with SMB>AFP

http://www.grouplogic.com/enterprise-file-sharing/mac-windows-file-sharing/
Endaar Posted - 03/30/2012 : 09:01:20 AM
Thanks for the info. Read the Technet link and it was helpful.

I'm really not clear on the NTFS support though. I have done a lot of searching, and almost everything I see talks about 3rd party drivers for NTFS. Yes there seems to be some built-in ability to read/write NTFS in the most recent couple of versions of OSX, but there are reports of instability, data corruption, inability to write to external HDDs, etc.

Just don't know what to make of this.

James
aval Posted - 03/29/2012 : 5:18:14 PM
quote:
Can they authenticate against AD? Any schema changes necessary?


Yes. No schema upgrade necessary - although you can perform one to add some Macs objects or attributes to the schema. I did not opt for this approach so I don't have any specifics.

The only problem I encountered was the fact that you set up authentication in different places for OS 10.4 and OS 10.7 so the directions I had for the first did not apply for the second (not sure about 10.5 and 10.6).

But it went surprisingly well for the first two Macs (one 10.4 and one 10.7).

quote:
Can they read/write NTFS? Is that fully supported? Anyone have experience with it?


No problem with that over the network. With the OS 10.4 machine, when the user logs on, the home folder opens as a window on - or in front of - the desktop. Almost better than native Windows.

I would recommend creating the computer account in AD first - which you may do for PC clients as well.

Group Policy? It looks like you need 3rd party software for this or throw a Mac server in the mix. That is supposed to create some sort of "magic triangle" with the Mac server emulating group policy more or less for the Mac clients. I decided we could do without Group Policy applying to the Macs so I cannot confirm or deny the validity of this option.

If you google/bing for macintosh active directory integration or OS X AD integration (you can try different terms), there should be quite a bit out there.
DennisMCSE Posted - 03/29/2012 : 5:06:21 PM
Powershell MVP Don Jones (a MAC user) wrote an article about that a while ago in Technet Magazine:

http://technet.microsoft.com/en-us/magazine/2008.12.mac.aspx


Mark Minasi's Reader Forum © 2002-2011 Mark Minasi Go To Top Of Page
This page was generated in 0.12 seconds. Snitz Forums 2000