Lion on a windows based infrastructure

I am looking at trying to get our IT department to let us use Macs on our existing network. I'm a graphic designer and I hate using PCs but have to for my day job. I use a Mac at home for my freelance work so it's frustrating using the PC at work, especially when it crashes so often. Our IT department have raised the following points with regards to running a Mac on the network. Can anyone provide me with answers to disprove these theories and show that we can run Macs on our existing network:


Security policies and authentication on our network is designed and centrally managed using Windows Active Directory. This is not fully supported on Macs and would require additional software on the Mac end and possible changes to our Active Directory infrastructure. This is extra admin work and could cause damage to our business critical infrastructure if schema changes are required.
There are also security risks where settings on the Macs cannot be guaranteed/enforced through Active Directory Group policy.


Some current YHA software is not compatible and there are likely to be compatibility problems with future YHA software with Macs. E.g. Enterprise Vault is not supported on a Mac, so access to archived emails is a problem.


This also applies to other software such as Specops Password Policy Client.


Additional administration and time in IT would be required to manage software and updates such as Sophos antivirus with Macs on the network. Although there are currently many fewer viruses for Macs, we would still require Sophos anti-virus software and this would add extra burden to limited resources in IT.


There will likely be compatibility problems with sharing files within the organisation and accessing files on servers. E.g. Does Portfolio Client on a Mac connect to a Portfolio Server on Windows? YHA’s IT upgrade path could be impacted by two Mac computers if we are required to provide full support, or they would be isolated from some network features.


There may be printing problems as a Mac cannot use printer drivers from a Windows print server. Troubleshooting these issues will take extra time compared to a PC and may not work at all.

Thank you in advance

Mac Pro, Mac OS X (10.7)

Posted on Aug 11, 2011 5:57 AM


Aug 11, 2011 6:40 AM in response to tomfrombamford

I have many clients where, when I visit them at their offices, I can join their PC networks without a problem and still have full access as though I was an employee (with some vaulted exceptions for internal security reasons). These institutions are banks (no names here), Microsoft regional headquarters for northern Europe and others.

I have full capabilities as if these were my own offices, I have a MBP running 10.7.


The reason I tell you this is reading your post tells me your IT dept is going to find every reason they can to stop you joining their network at any cost because their network is probably so fragile that they are afraid that the slightest thing out of the norm could bring it crashing down around their ankles! And they also know nothing about Macs or their architecture, which is very scary for PC IT people.


And let's face it, if anything did go wrong you will probably end up getting blamed for it!


I really hope you find a network specialist here in these discussions somewhere to get the answers you are looking for, but prepare yourself for a fight!


Been there done that!

Aug 11, 2011 6:51 AM in response to David Armstrong (SE)

Thanks David. I realise all of this and agree with your answers. I too hope that a network specialist comes on, I just need someone to provide me with expert answers against the points raised. I do believe though that Sophos now offers support through Lion and the Windows Active Directory works fine also. I know this from my home network where I can access my Wife's PC fine through my Mac Pro.

Aug 11, 2011 7:00 AM in response to David Armstrong (SE)

I really hope you find a network specialist here in these discussions somewhere to get the answers you are looking for, but prepare yourself for a fight!


Been there done that!

Yes, it's a battle if the IT dept. is not willing. I worked with a few that were, but mostly not. Just another reason not to work for a large org that is unwilling to change. But I suspect now that Apple is valued higher than Exxon, the perception of Apple as non-corporate-worthy might change. However, as pointed out in many other discussions here, Apple's (perceived?) move away from corporate software may shoot them in the foot, before it's in the door. How's that for a mixing of metaphor 🙂

Aug 13, 2011 10:03 PM in response to tomfrombamford

You know, I have been thinking about it, and I think you need to contact the product vendors directly for the info you require; this will give you more "hardcore" evidence to support your case. My limited search has turned up that to have a Mac in a Windows workplace environment is almost 99% fully supported these days (at least in the Nordic countries where I live). Another way to approach it may be to tell the guys in the office about the fact you have a 2-in-1 computer!

Windows 7 (Bootcamp) and Mac OSX 10.7!


These links will get you started.


Windows Active Directory:

http://www.centrify.com/directcontrol/mac_os_x.asp


Sophos:

http://www.sophos.com/en-us/products/free-tools/sophos-antivirus-for-mac-home-edition.aspx

http://nakedsecurity.sophos.com/2011/07/20/apple-mac-os-x-lion-sophos-protected/

This guy can answer your questions: rjb@sophos.com


Specops

http://www.specopssoft.com/products/specops-password-policy


Symantec Enterprise vault Client

http://www.symantec.com/business/enterprise-vault

EV10.. is Mac compatible and supports MS office 2011.



Print servers, yes I have never had any problems connecting. Here is an example for your IT guy:

https://discussions.apple.com/thread/2435601?start=0&tstart=0


Good Luck 🙂

Aug 20, 2011 1:05 AM in response to tomfrombamford

I've been a Windows systems engineer at a medium sized multinational company for a long time. I recently was put on a project to integrate Macs into our MS AD infrastructure. So for what it's worth, I'll give you my two cents.


Integrating Macs into a Windows AD environment is a major PITA. Apple versus MS holy wars aside, Macs are not designed well for AD integration. Your IT department knows this and will usually fight your request tooth and nail. When you consider OS packaging, configuration, delivery, systems management, application packaging, version updates, MCX management, application incompatibilities, security tools, support training, cost of implementing duplicate infrastructure and more... it just doesn't make sense.


THAT SAID, if you're trying to drive this through your IT department you'll get nowhere. I'd go sell the idea to the most influential senior manager in the company. If you can make a business case, you stand a possible chance. Make sure you put positive spins on their concerns, especially costs and security. And you'll do well to have an ally in IT to help build your technical case. And you'll have to put a good business case around TCO because the initial cost of a Mac will scare everyone who manages a budget.


Here's some of the solutions I researched and settled on. I compared both Centrify and Likewise head to head. I went with native OS X AD support and we're using Casper to deploy and integrate Macs into AD. It's easier and cheaper to go native and unless you are also integrating other Linux boxes, save your money and spend it on Casper Suite. And since we use MS System Center, Casper Suite was a no-brainer. It's got every feature of SCCM, a connector that integrates with SCCM and you can even use it for pushing MCX. This means that you have a mechanism for deploying a Group Policy equivalent and a slew of other features.


Both McAfee and Symantec have security products for Mac. Stick with the same vendor that IT uses for PCs and you have an integrated solution. If IT is using a security vendor that doesn't have a Mac product line, you can use the "consolidate the environment" as a possible benefit.


Applications can be a challenge since some vendors don't have a Mac product for a popular Windows title (like Visio or MS Project). If your company has a Citrix XenApp or similar product, that could help bridge the gap.


Most VPN vendors have a Mac client but you'll need to make sure that a rule set can be configured to allow VPN from a Mac.


Printing is a snap. Just use the IP button when adding printers and you won't have to deal with authentication issues (I struggled for a while on this). And if you have Casper, you can push defined printers based on a user's IP segment. Just make sure all of your drivers are in the build or available with Self Service.


ok, that may have been more than 2 cents but I hope it helps.

Aug 20, 2011 1:41 PM in response to tomfrombamford

Thank you David.


@tomfrombamford: I'll just share one more sentiment that I've heard. Your IT department may come back with a similar idea. When I asked our security vendor's Sales Engineer which other accounts were having success with their Mac product line, he said "out of all my customers, your company is the only one trying to fully integrate Macs into AD as 'fully privileged citizens'". Mind you his customers include several large companies that you use every day for shopping, searching, phone calls, social networking, etc. No names here, right David?


The trend seems to be that IT departments will neither support nor deny Macs on the network. This might have to be the compromise your company settles for. On the upside, you'll have your Mac on the network and can access network resources. IT will be happy because they might not have to build out the infrastructure for Macs. Execs will be happy because they can carry an Air (a status symbol at my company). The downside for you is without IT support, you'd better be technical or resourceful enough to solve the issues you'll inevitably encounter. For the company, they'd better carefully analyze the risk of a Mac that goes missing. We're always talking about the impact of a "CNN moment" ala TJMaxx or Livermore Labs.


At a recent trade show I struck up a conversation with a techie from one of the companies mentioned above. He confirmed the rumor. Over 8,000 Macs on their network, all are completely unmanaged. All IT provides these folks are a network connection and a Windows VM for corporate supported apps. The Mac users have set up wikis to help support each other as well. He then said, "if you ask for a Mac, you have to be technical enough to handle it. The dummies get Windows!"
