rsigdel
Level 1 (0 points)

Q: Configuring OSX server as replica of MS-Windows server 2008 or 2012

Hi Folks,

Our company has an Active directory environment running on windows server 2008 and server 2012. We recently bought a mac server to push updates and settings profiles to iOS and OSX devices.

When I try to configure the mac server to join an existing open directory domain as a replica of the windows server 2008 or 2012, it's giving an error message of incompatibility. It says " Your server cannot become a replica of 'example.com' because they are running incompatible version of OS X. Please refer to the Open Directory Administration Guide for more information about this compatibility matrix"

Can any one suggest me what am doing wrong or what should I do?

Thanks,

Rohit

Mac mini, OS X Yosemite (10.10.5), N/A

Posted on Jan 26, 2016 1:02 AM

by John Lockwood,Solvedanswer
John Lockwood John Lockwood
Level 6 (9,349 points)
Servers Enterprise
A:

The Mac server software cannot act as an Active Directory server, nor for the same reason can it act as replica of an Active Directory server. It can 'join' an Active Directory server so that Active Directory can be used to authenticate services on the Mac server.

 

If you want to have a backup i.e. replica Active Directory server then you need a backup Windows server.

 

As you maybe aware the Profile Manager service in Apple's server software requires running an Open Directory server. In theory you should then have an Open Directory server on the Profile Manager server purely for use by Profile Manager. In order to also authenticate Active Directory users you would then also connect the same Mac server to the Active Directory system so it is both an Open Directory server and connected to an Active Directory server. I don't have Active Directory here to experiment with to try this but some people have reported problem getting Active Directory accounts to be able to login to Profile Manager. It maybe you need to use the Directory Access utility on the Mac server to alter the search order to move the Active Directory entry above the Open Directory one. See also this article OS X Server: Using the Profile Manager or Wiki service with Active Directory or third-party LDAP services - Apple Suppor…

Posted on Jan 26, 2016 8:03 AM

Close
rsigdel

Q: Configuring OSX server as replica of MS-Windows server 2008 or 2012

  • All replies
  • Helpful answers

  • by Leopardus,

    Leopardus Leopardus Jan 26, 2016 2:55 AM in response to rsigdel
    Level 4 (1,122 points)
    Desktops
    Jan 26, 2016 2:55 AM in response to rsigdel

    You can read up in this article how to go about solving your problem with a Windows Domain and a Mac's Open Directory

    If more guidance is required, feel free to ask

     

    Leo

  • by John Lockwood,Solvedanswer

    John Lockwood John Lockwood Jan 26, 2016 8:03 AM in response to rsigdel
    Level 6 (9,349 points)
    Servers Enterprise
    Jan 26, 2016 8:03 AM in response to rsigdel

    The Mac server software cannot act as an Active Directory server, nor for the same reason can it act as replica of an Active Directory server. It can 'join' an Active Directory server so that Active Directory can be used to authenticate services on the Mac server.

     

    If you want to have a backup i.e. replica Active Directory server then you need a backup Windows server.

     

    As you maybe aware the Profile Manager service in Apple's server software requires running an Open Directory server. In theory you should then have an Open Directory server on the Profile Manager server purely for use by Profile Manager. In order to also authenticate Active Directory users you would then also connect the same Mac server to the Active Directory system so it is both an Open Directory server and connected to an Active Directory server. I don't have Active Directory here to experiment with to try this but some people have reported problem getting Active Directory accounts to be able to login to Profile Manager. It maybe you need to use the Directory Access utility on the Mac server to alter the search order to move the Active Directory entry above the Open Directory one. See also this article OS X Server: Using the Profile Manager or Wiki service with Active Directory or third-party LDAP services - Apple Suppor…