![]() ![]() the group must be added to the “Allowed admin groups” setting in the Active Directory Plug-in configuration for directory services. To allow a group of uses in the Campus Directory to act as administrator of the local machine to install software, change setting, etc. Once a machine is bound to a directory like the Campus Active Directory some additional settings may optionally be made for administration and security.Īllow a group of directory users to administer the machine. This means that user preferences and Library files will not follow the users from one machine to the next.Īdditional Configuration for Active Directory Use the MyAFS link to save files to traditional Unity AFS file space. OIT Unity Macintosh Lab kits create local home directories (ie /Users/)for each user that logs in on each machine. OIT is providing a Universal Lab Kit only for Intel (i386) based Macintosh hardware supporting 32 bit and 64 bit machines where possible. ![]() NOTE: There are other configurations using the DSLocal and AD Plug-in that may be useful documented below. It is critical that the file in /Library/Preferences be correct in step 1) above for this to function. Instead the MyAFS.app is provided and will prompt uses for Unity ID and password to at Ticket Granting Tickets, Service Granting Tickets and Tokes for using NC State AFS Cells (unity, eos, bp). create /Computers/localhost ENetAddress $(ifconfig en0 |grep ether | awk ‘’)ģ) Tokens to use OpenAFS are no longer acquired at login. This can be done using Send Unix… in ARD by: Contact if you have questions.Ģ) Machine management is done using the DSLocal directory and each machine must also be “bound” to the DSLocal by adding the hardware MAC address of the Built-in Ethernet NIC (en0) to the /Computers/localhost entry in DSLocal. If you do not know this information you will not be able to bind the machine. NOTE: You must know what AD container to bind the machine to and had a username and password that has permissions to do so. bin/mv /Library/Preferences/ /Library/Preferences/Ī good copy of the multi-Realm file is available for download here if yours becomes unusable. user/sbin/dsconfigad -f -u -p -lu labadmin -lp uwish -domain wolftech.ad. -ou “ou= YouNeedToKnowThis!!!,ou=ncsu,dc=wolftech,dc=ad,dc=ncsu,dc=edu” bin/mv /Library/Preferences/ /Library/Preferences/ The dsconfigad command can be used with ARD in a script to bind a Unity kit machine to the Campus AD as follows: As with all deployments of Active Directory on all platforms, the machine must be bound to the directory after the imaging process completes. This version of the kit changes to us the Active Directory Plug-in in Directory Services to bind to the Campus Active Directory instead. There is an issue binding to NC State LDAP with 10.6 causing systems to hang after 1-4 hours of idle time. See for information on software in previous kits.ġ) **Machines must bind to active directory post imaging**. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |