Install Leopard Server in Advanced Mode as a Standalone Server.
Server Admin: Add the services you want, configure them, and start them (specifically SMB)
Directory Utility: Bind to Domain
- Added AD Domain under the Directory Servers tab/icon and the binding to AD happened automatically under the Services icon/tab.
- Advanced options: Use UNC path from AD using SMB
- Default user shell: /bin/bash
- Enable Open Directory
- Change settings of Open Directory: Promote the server to an OD Master.
Directory Utility: set the proper search order
- Search Policy: Drag AD above the local LDAP entry. You can do the same for the Contacts search order.
:: Adding management functions in OD to work with the AD groups ::
Open WGM (Workgroup Manager) and log in as the Directory Administrator (diradmin)
- Create a new group and call it OD_Managed or similar (e.g., school_staff, school_students)
- Add new members: in the sidebar, switch the directory to AD and
then click the groups icon. Drag the appropriate AD container to the
- Set preferences for the group
Using MS ADUC, set the home directories for the users. Note that
you can set up and turn on SMB on the OS X Server, and point the users'
home directories (via AD) to the Leopard server’s SMB share.
What you end up with is AD accounts mapped to their homedir with MCX policy enforcement.
Manual bind on client: Using Directory Utility, bind to the new OD
Master server, then bind to AD. Place AD above OD in the search order.
Log in as a test user…
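
To confirm the search order set in Directory Utility on the server and on each client (AD above the OD/LDAPv3 node), the following added example, which is not part of the original notes, parses a search-path listing and fails if LDAPv3 is searched first. It assumes the listing has the shape printed by `dscl /Search -read / CSPSearchPath`; the sample paths and host name are constructed.

```shell
#!/bin/sh
# Added example (not from the original notes). Checks that the Active Directory
# node is listed before the Open Directory (LDAPv3) node in a search path.
# Assumed input: the text printed by `dscl /Search -read / CSPSearchPath`.
check_search_order() {
    awk '
        /\/Active Directory\// && !ad { ad = NR }   # first AD node seen
        /\/LDAPv3\//           && !od { od = NR }   # first OD (LDAPv3) node seen
        END {
            if (!ad) { print "FAIL: no Active Directory node in search path"; exit 2 }
            if (!od) { print "FAIL: no LDAPv3 (Open Directory) node in search path"; exit 3 }
            if (ad > od) { print "FAIL: LDAPv3 is searched before Active Directory"; exit 1 }
            print "OK: Active Directory is searched before LDAPv3"
        }'
}

# Constructed sample listings; the host name is a placeholder.
GOOD_PATH='CSPSearchPath:
 /Local/Default
 /Active Directory/All Domains
 /LDAPv3/odmaster.example.com'

BAD_PATH='CSPSearchPath:
 /Local/Default
 /LDAPv3/odmaster.example.com
 /Active Directory/All Domains'

# On a bound Mac, check the live search policy; elsewhere use the sample.
if command -v dscl >/dev/null 2>&1; then
    dscl /Search -read / CSPSearchPath | check_search_order
else
    printf '%s\n' "$GOOD_PATH" | check_search_order
fi
```

A non-zero exit status distinguishes a wrong order (1) from a missing AD node (2) or a missing LDAPv3 node (3), so the function can gate a client setup script before the test login.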