Help with LDAP authenticating OS X and XP

[lschafroth]

We have 6 Xservers. They are all running 10.4.11.

One of the server (10.0.0.3 for example) is the LDAP OD master.
It is running AFP service for our Staff and Students to login with their OS X computers. This allows them access to their home directories.

The other Xserve systems act as replication servers and other various features such as DHCP, PRINTING, homes and etc.

The last Xserver (10.0.0.5) for example, is our server for hosting storage space for our Windows XP machines. These are lab computers where students can connect using their LDAP accounts to map to their home directory to get their work from the MAC Labs.

My GOAL is this:

Create an environment where we have a Xserver LDAP master. I want to authenticate Students and Teachers with their OD accounts on a OS X machine and a Windows XP machine.

The 10.0.0.5 machine is a storage server for a windows domain in the Administration office and must be seperate. We have a 2003 PDC Server. I would like the Xserve (10.0.0.5) to get it’s XP login information from the 2K3 PDC for the Administration area so we dont have to have the same account on the PDC and the Xserve and change the password on both each time a user changes their password.

So there is two phases:

PHASE #1:
Integrate the Administration OS X & XP Clients to authenticate via the 2K3 PDC and access their home directories on the Xserve 10.0.0.5.

PHASE #2:
Create a Domain for the Students and Staff using the remaining Xserve’s. I want the Students and Staff to login to the LDAP domain from a OS X machine or a XP machine and have access to their home folder which resides on ceratin Xserve machines. We keep the students on 3 of them and the teachers/staff on another to keep the buildings (Elementary, Middle School & JH/HS) seperate.

We have 6 labs of 28 Intel MAC’s running OS X Leapard/Tiger and XP using Bootcamp. They will need to be able to login to the Xserver LDAP with both operating systems and map to their corisponding home directories. If there is ANY way to have the XP machine login and authenticate, but use a static local Profiel every time that would be the best. We have Autocad 2006, Adobe CS3 and other packages that are confiured as we want them and frozen via Deep Freeze and will not be able to use roaming profiles, nor do we want to. We do however like to use roaming profiles on our Mac laptops. We have 9 mobile labs of 28 laptops that will use network profiles.

Thanks!!!

Lannie

[lschafroth]

Knock knock…

[lschafroth]

I take it from the lack of responses that this cannot be done and we need a seperate 2K3 server.

Lannie

[lschafroth]

Anyone?

[lschafroth]

No, I just want both the OSX machines and the XP machines to auth against the OpenDiretory on the Xserve and map them to their home directories. The home directory could be AFP and SMB depending on which type of OS they login with.

The XP machines would have to login to the domain but use only 1 certain local profile on the XP machine. No roaming profiles due to some extra programming and licensing in place.

Lannie

[Author]

Posts