To bind or not to bind server to AD

[jscott]

I’m setting up a new Xserve running 10.4.2 and I have a cfew questions about how to set it up. What I want to do seems pretty common from what I’ve read on these forums.

I want clients to authenticate with AD account and have managed prefs via OD and I DON’T want to use Home Directories. I want all user data to remain on the workstations.

The question I have is should I bind my OD master to AD? I’ve read the AD/OD Integration 2.0 document and its great but one area confuses me. On page 5 under the Open Directory section, first paragraph says "OS X Server 10.4 should have no issues joining the server to AD…" but the next paragraph says "Since your OD Master won’t be bound to AD, and thus can’t see AD users itself…"

Thanks,
JS

[jscott]

Nothing yet…. Joel can you shed some light in this for me? It being your paper you probably have the best insight on it.

Thanks,
JS

[jscott]

[QUOTE BY= macshome]
Eventually it’s my hope that MCX will work on inherited groups. That way you could bind the server to AD, nest the AD groups in matching OD groups, and then apply your mcx as needed.[/QUOTE]

This is exactly what’s needed and I’m sure I’m not the first to agree with you. Thanks for the help. At this point I don’t think binding the server to AD is necessary.

[Author]

Posts