AD Integration
Can Open Directory be used enterprise wide?
A few years ago, before I started at my employer, a project was started for an enterprise-wide Open Directory setup. Each business unit within the university has a decent number of Macs that were mostly unmanaged. The project passed governance and a budget was set aside to fund the implementation. This was back in the [...]
Migrate Local User to Domain Account
If you are migrating your machines to authenticate via Active Directory, you may need to convert your local user accounts and their home folders to an AD user account and retain the home folder. I had a script posted here but that version was Tiger only because it used NI* commands.
Leopard Active Directory Integration Headaches
Ever since Leopard came out, we have been having a heck of a time trying to get Leopard to bind and/or authenticate to Active Directory reliably. We use Active Directory sites and our Leopard macs were trying to authenticate to Domain Controllers in the wrong site. I’m reminded of something Joel Rennich said in a [...]
Allow Non-Admin users to Manage Printers
Apple added a "feature" to Leopard which restricts non administrator users from managing printers on their Macs. While this is desired behavior on a public machine such as a classroom, it is a problem for single user machines such as faculty, staff and 1:1 deployments.
Securing SSH on Mac OS X by limiting who can log in
This post will describe two different methods for securing SSH that work on both Tiger and Leopard (client or server). These tips can be done as needed on machines that will have ssh enabled, or as part of your deployment image(s). Personally, I make these changes to our images because if a machine is bound [...]
