Beginning in May, a special Today at Apple series titled “Made for Business” will offer small business owners and entrepreneurs free opportunities to learn how Apple products and services can support their growth and success. Learn more >
Beginning in May, a special Today at Apple series titled “Made for Business” will offer small business owners and entrepreneurs free opportunities to learn how Apple products and services can support their growth and success. Learn more >
Looks like no one’s replied in a while. To start the conversation again, simply
ask a new question.
Able to manage user groups, but not computer groups
We finally got Dual Directory up and running. I am able to fully manage groups of users, but when I try and configure groups of computers, they do not work. The basic test was changing the login screen to show directory status and the college name. None of these settings apply.
Are you supposed to add computers to computer groups from the AD realm or the local LDAPv3 realm? During the test, I added the computer from AD by clicking the realm globe and then searching.
Trying to manage added Computer OUs from AD to OD won't work.
Using WorkGroup Manager click the Computer Group and select the Members tab. Click the three dots icon. Mac workstations joined to OD should be listed. Occasionally managed Computer Groups may not have the MCX applied. This could be due to a number of reasons. One is an applied Power Management Policy. Disable this and use a Local Policy instead. Another possible reason - depends on your structure - is the MCX Compositor may reference the Computer OU from AD as it's listed first in the Search Policy. Make the LDAPv3 directory be the first directory to be searched.
My issue seems to be that no computers other than the OD server are showing up in that list. When I join clients, I first join then to OD then join them to AD.
I'm not sure why they are not showing up in Workgroup Manager.
You can also manually add them.
All you need is the hardware UUID and the Hardware address of the network interface.
If you don't have to many clients this can be an easy solution...
Did you perform an authenticated BIND? If not, that's your problem. The UUID and Ethernet ID are needed or it'll be temperamental at best. You can put them in manually but it's very time consuming if you have more than 10 or so Macs.