AD Binding Questions….

[bentoms]

Hi Guys,

I am looking @ moving my Mac’s guys from their local setups to an AD/OD environment.

However, me & the PC NW Admin have been having a few arguments & he has raised a few queries that I could do with a little clarification on:

1) When binding a Mac to an AD domain does it create any entry for that mac in DNS? (as in Dynamic Name registration).

2) If a user has a PC AD profile (for use on Pc’s) & a Mac Hosted profile (hosted on an xserve & for use on Macs) do the repective computers look for the respective profiles?

That’ll do for now!

[GroupPolicyObj]

[QUOTE][u]Quote by: bentoms[/u]

Hi Guys,

I am looking @ moving my Mac’s guys from their local setups to an AD/OD environment.

However, me & the PC NW Admin have been having a few arguments & he has raised a few queries that I could do with a little clarification on:

1) When binding a Mac to an AD domain does it create any entry for that mac in DNS? (as in Dynamic Name registration).

2) If a user has a PC AD profile (for use on Pc’s) & a Mac Hosted profile (hosted on an xserve & for use on Macs) do the repective computers look for the respective profiles?

That’ll do for now!

[/QUOTE]

1. As long as you allow non-secured updates on Microsoft’s DNS server you’ll be fine with Mac’s communicating the appropriate DNS updates.

2. If you are going to be using AD for authentication then you’ll what to have the shared profiles located in AD (since AD would be proviiding authenitcation services). OD would be used for managing the Macintosh machines such as policies and desktop lockdown.

Does that answer your questions?

[Anonymous]

[quote]1. As long as you allow non-secured updates on Microsoft’s DNS server you’ll be fine with Mac’s communicating the appropriate DNS updates.

2. If you are going to be using AD for authentication then you’ll what to have the shared profiles located in AD (since AD would be proviiding authenitcation services). OD would be used for managing the Macintosh machines such as policies and desktop lockdown.

Does that answer your questions? [/quote]

Well almost!! 😆

In regards to question 1: The NW Admin for AD advised that the PC’s create the records via Dynamic Name Registration on the WINS service running on the ADC. This is a secure process & as there are over 5,000 PC’s he does not want DHCP to automatically update the DNS. The trouble is as the DHCP scope changes the DNS entry for the machine needs to update. But, I guess I could do this manually…

2. So basically, one place to store profiles…. so for your mac users do you create their home directories thru OS X or use the default AD ones?

[Anonymous]

[QUOTE]The trouble is as the DHCP scope changes the DNS entry for the machine needs to update. But, I guess I could do this manually…
[/QUOTE]

Sorry, I meant I could create the Dynamic entry for the Mac on the DNS manually…

[Author]

Posts