Aug 1, 2012 5:41 AM in response to Sleestak by ClarionAreaTech
Hopefully you and others find this helpful. There is absolutely a way to have Windows XP, Vista, and 7 authenticate to OS X, and use the SMB shares in OS X Server, version anything. The functionality is NOT, however, included in Windows. There is a free product, called pGina. Please see below detailed instructions for how to set it up. Please reply and I will send detailed instructions on setting up 10.7 server as well. (Should also work with 10.8)
pGina How-To, for authenticating Windows 7 to Open Directory:
pGina 3.1beta configuration
NOTE: The 3.0.x binaries are missing a key piece of the configuration. You NEED the 3.1 version!
Install pGina 3.1beta, binaries at http://www.pgina.org
Run pGina after installation
Select Plugin Selection Tab
Select ‘Authentication’ ‘Authorization’ and ‘Gateway’ in the LDAP tab
Configure the LDAP Plugin
Enter common hostname of server ‘server.example.com’
LDAP Port 389
Timeout 10
Search DN ‘dc=server,dc=example,dc=com’
User DN Pattern ‘uid=%u,cn=users,dc=server,dc=example,dc=com’
Save Changes
Apply in Plugin Selection Tab
Select Simulation Tab
Test configuration with username and password fields
Create DOS-Style batch file for desired default drive mappings
(ASSUMING HOMES ARE SMB SHARED ON OS X)
ex:
net use z: \\server\%username%
net use y: \\server\other_drive_map
Save in common location on hard drive, ex: c:\maps\script.bat
Run gpedit.msc (Windows Pro or Ultimate Versions only)
User Configuration
Scripts (Logon/Logoff)
Logon
Add
Browse to file location of script
Apply
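How a User DN Pattern like the one in the steps above turns a typed login name into the DN used for the LDAP bind, as an added example that is not part of the original post and not pGina's code: it escapes the name per RFC 4514 and refuses an empty password, which RFC 4513 treats as an unauthenticated bind. The function names are hypothetical, and the page does not show how pGina itself performs the substitution.

```python
"""Expand an LDAP User DN Pattern into a bind DN (added example, not pGina code)."""

# Pattern copied from the post; every function name below is hypothetical.
PATTERN = "uid=%u,cn=users,dc=server,dc=example,dc=com"


def escape_rdn_value(value: str) -> str:
    """Escape a string for use as an RDN attribute value (RFC 4514, section 2.4)."""
    out = []
    last = len(value) - 1
    for i, ch in enumerate(value):
        if ch == "\x00":
            out.append("\\00")
        elif ch in '"+,;<>\\':
            # Characters that would otherwise end or split the RDN.
            out.append("\\" + ch)
        elif (ch == "#" and i == 0) or (ch == " " and i in (0, last)):
            # Leading '#', and leading or trailing space, are also significant.
            out.append("\\" + ch)
        else:
            out.append(ch)
    return "".join(out)


def safe_bind_dn(username: str, password: str, pattern: str = PATTERN) -> str:
    """Return the DN to bind as, refusing inputs that must never reach the server."""
    if not username:
        raise ValueError("empty user name")
    if not password:
        # RFC 4513 5.1.2: a simple bind with a DN and an empty password is an
        # "unauthenticated bind", which some servers answer with success.
        raise ValueError("empty password")
    # The escaped name stays inside the uid= value whatever the user typed.
    return pattern.replace("%u", escape_rdn_value(username))


if __name__ == "__main__":
    # Constructed login names, not taken from the thread.
    for name in ("jsmith", "smith, john", " jsmith"):
        print(repr(name), "->", safe_bind_dn(name, "constructed-password"))
```
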
-
Aug 2, 2012 11:00 AM in response to ClarionAreaTech by Sleestak
I've messed with pGina a few times now, not getting exactly what I'm trying to do, but I will keep at it. I'm running 10.5 server. Does that make a difference in the configuration of pGina 3.1?
-
Aug 2, 2012 8:03 PM in response to Sleestak by ClarionAreaTech
That should work perfectly well for 10.5 as well. The basic LDAP and user structure is the same for OD logins.
-
Dec 26, 2015 9:47 PM in response to ClarionAreaTech by winter4w
Sorry to bump this post, but I would like to know how I can make a roaming profile with pGina?
Thanks
-
Mar 7, 2016 2:31 AM in response to winter4w by Warwick Teale
Hi Winter4W et al, we have a recent production site of a client with many WIN7 (<20) and some legacy XP systems using PGINA V3.4.2.1 (latest as of March 2016).
Background:
These WINDOWS systems are authenticated as LOCAL NETWORK users against an LDAP and OD realm managed by two (2x - replica) 2015 Mac Mini maxed out servers with OSX Server 5.15 and OSX 10.11. We migrated this client from very old Windows Active Directory on Windoze server 2003 with sacks/boxes and bags of old iron and bags of installation CDs (4 x old IBM servers).
The client's team can now log into any WINDOWS workstation and be authenticated and authorised from Open Directory. It's very cool. No need to map any network file systems. They JUST APPEAR like UNIX... it's magic.. Users can login in from any PC workstation and work as a LOCAL NETWORK USER.
Sadly there's no BIND (JOIN) in OSx since OSx 10.7.... so desktops etc can't 'roam' like you can with OSX and OSx server.
This solution is now very solid and well in production (live). However, it was frightfully labour intensive and frustrating to play with Windows7 (Traditional Chinese & some English versions).
CAVEAT: I'm not a windows fan or user. Luckily we have some clever buggers in our crew that are. I have learned a great deal though, so I'll weigh in with this help.
Windows7 GPO | Roaming Profile with pGINA - pgSMB
We looked for a REMOTE PROFILE workflow we could use and found that PGina at V3.4.2.1 has support for a remote profile (windows ~/ on a server.. not local) so that we could provide a complete server-based workflow that was independent of any workstation.
We have tested pGina V3.4.2.1's pgSMB (look here> http://mutonufoai.github.io/pgina/documentation/plugins/pgSMB.html)
The setup documentation could be tidier as there was a deal of trial and error to understand how it worked.
We cannot get the TRANSFER (extraction) of the remote profile from the mac server(s) (using images.exe or other to work) network file path the new Pgina Created Windows Local Network user to work. It just fails with no error condition code or status. (windows client:c://programs/pgina/log/system ever log? ). The developer(s) have unix like logging thankfully. This is a wonderful help.
We have NOT exhaustively tested this so far. We gave up around XMAS 2015 time. The pgSMB SCRIPT parm in the pgSMB permits a script/cmd to pull anything to perform the transfer of the profile. Perhaps this is the key to fixing this.
I'm interested if anyone has this fully working.
Post your results for others to see.
Warwick
Hong Kong