Sleestak

Q: how do i bind windows 7 to os x server 10.8

I have a few Windows 7 Pro boxes in a Mac environment and would like to bind them to a Mac server running Mountain Lion Server so that the server provides roaming profiles to the Windows users. I'm essentially talking about making the server a PDC. I'd like the users to authenticate with the 10.8 server's OpenLDAP service.

 

Is this possible?  And if so, how?

MacBook Pro, Mac OS X (10.7.3)

Posted on Jul 31, 2012 12:59 PM


  • by Strontium90,

    Strontium90 Jul 31, 2012 4:17 PM in response to Sleestak

    You have to roll this on your own.  http://www.samba.org

     

    Good luck.

  • by ClarionAreaTech,

    ClarionAreaTech Aug 1, 2012 5:41 AM in response to Sleestak

    Hopefully you and others find this helpful. There is absolutely a way to have Windows XP, Vista, and 7 authenticate to OS X, and use the SMB shares in OS X Server, version anything. The functionality is NOT, however, included in Windows. There is a free product, called pGina. Please see below detailed instructions for how to set it up. Please reply and I will send detailed instructions on setting up 10.7 server as well. (Should also work with 10.8)

     

    pGina How-To, for authenticating Windows 7 to Open Directory:

    pGina 3.1beta configuration

    NOTE: The 3.0.x binaries are missing a key piece of the configuration. You NEED the 3.1 version!

    Install pGina 3.1beta, binaries at http://www.pgina.org

    Run pGina after installation

    Select Plugin Selection Tab
        Select ‘Authentication’ ‘Authorization’ and ‘Gateway’ in the LDAP tab
        Configure the LDAP Plugin
            Enter common hostname of server ‘server.example.com’
            LDAP Port 389
            Timeout 10
            Search DN ‘dc=server,dc=example,dc=com’
            User DN Pattern ‘uid=%u,cn=users,dc=server,dc=example,dc=com’
            Save Changes
        Apply in Plugin Selection Tab

    Select Simulation Tab
        Test configuration with username and password fields

    Create DOS-Style batch file for desired default drive mappings
        (ASSUMING HOMES ARE SMB SHARED ON OS X)
        ex:
            net use z: \\server\%username%
            net use y: \\server\other_drive_map
        Save in common location on hard drive, ex: c:\maps\script.bat

    Run gpedit.msc (Windows Pro or Ultimate Versions only)
        User Configuration
            Scripts (Logon/Logoff)
                Logon
                    Add
                        Browse to file location of script
                            Apply
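
A way to check the LDAP plugin values from the how-to above (host, port 389, User DN pattern) from the Windows client, added here as an example; it is not part of ClarionAreaTech's post or of pGina. A simple bind on port 389 sends the password unencrypted unless the session is first upgraded with StartTLS, so the hypothetical `Test-OdLdapBind` function attempts StartTLS and binds only if that succeeds. It assumes the client trusts the server's certificate and that the post's timeout value is in seconds.

```powershell
# Added example (not from the post): StartTLS + simple bind against Open Directory.
Add-Type -AssemblyName System.DirectoryServices.Protocols

function Test-OdLdapBind {
    param(
        [string]$Server = 'server.example.com',    # placeholder host used in the post
        [int]$Port = 389,
        [string]$UserDnPattern = 'uid=%u,cn=users,dc=server,dc=example,dc=com',
        [int]$TimeoutSeconds = 10,                  # assumption: the post's "Timeout 10" is seconds
        [Parameter(Mandatory=$true)]
        [System.Management.Automation.PSCredential]$Credential
    )
    $net = $Credential.GetNetworkCredential()       # strips any leading "\" from the name
    $dn  = $UserDnPattern.Replace('%u', $net.UserName)
    $result = New-Object PSObject -Property @{
        BindDn = $dn; Tls = $false; Bound = $false; Detail = ''
    }
    $id   = New-Object System.DirectoryServices.Protocols.LdapDirectoryIdentifier($Server, $Port)
    $conn = New-Object System.DirectoryServices.Protocols.LdapConnection($id)
    $conn.SessionOptions.ProtocolVersion = 3
    $conn.Timeout  = [TimeSpan]::FromSeconds($TimeoutSeconds)
    $conn.AuthType = [System.DirectoryServices.Protocols.AuthType]::Basic
    try {
        # Upgrade the session before the password leaves the machine.
        $conn.SessionOptions.StartTransportLayerSecurity($null)
        $result.Tls = $true
        $conn.Bind((New-Object System.Net.NetworkCredential($dn, $net.Password)))
        $result.Bound  = $true
        $result.Detail = 'Simple bind succeeded over TLS.'
    }
    catch {
        $msg = $_.Exception.GetBaseException().Message
        if ($result.Tls) { $result.Detail = "TLS is up but the bind was rejected: $msg" }
        else { $result.Detail = "No TLS session, so no password was sent: $msg" }
    }
    finally { $conn.Dispose() }
    $result
}

# Usage: Test-OdLdapBind -Credential (Get-Credential)
```

If `Tls` comes back false, logins configured exactly as in the how-to would carry passwords across the network in the clear.
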

  • by Sleestak,

    Sleestak Aug 2, 2012 11:00 AM in response to ClarionAreaTech

    I've messed with pGina a few times now, not getting exactly what I'm trying to do, but I will keep at it. I'm running 10.5 server. Does that make a difference in the configuration of pGina 3.1?

  • by ClarionAreaTech,

    ClarionAreaTech Aug 2, 2012 8:03 PM in response to Sleestak

    That should work perfectly well for 10.5 as well. The basic LDAP and user structure is the same for OD logins.

  • by winter4w,

    winter4w Dec 26, 2015 9:47 PM in response to ClarionAreaTech

    Sorry to bump this post but I would like to know how can I make a roaming profile with pgina?

     

    Thanks

  • by Warwick Teale,

    Warwick Teale Mar 7, 2016 2:31 AM in response to winter4w

    Hi Winter4W et al, we have a recent production site of a client with many WIN7 (<20) and some legacy XP systems using PGINA V3.4.2.1 (latest as of March 2016).


    Background:

    These WINDOWS systems are authenticated as LOCAL NETWORK users against an LDAP and OD realm managed by two (2x - replica) 2015 Mac Mini maxed out servers with OSX Server 5.15 and OSX 10.11. We migrated this client from very old Windows Active Directory on Windoze server 2003 with sacks/boxes and bags of old iron and bags of installation CDs (4 x old IBM servers).


    The client's team can now log into any WINDOWS workstation and be authenticated and authorised from Open Directory. It's very cool. No need to map any network file systems. They JUST APPEAR like UNIX... it's magic.. Users can log in from any PC workstation and work as a LOCAL NETWORK USER.


    Sadly there's no BIND (JOIN) in OSx since OSx 10.7.... so desktops etc can't 'roam' like you can with OSX and OSx server.

     

    This solution is now very solid and well in production (live). However it was frightfully labour intensive and frustrating to play with Windows7 (Traditional Chinese & some English versions).


    CAVEAT: I'm not a windows fan or user. Luckily we have some clever buggers in our crew that are. I have learned a great deal though, so I'll weigh in with this help.

     

    Windows7 GPO | Roaming Profile with pGINA - pgSMB

    We looked for a REMOTE PROFILE workflow we could use and found that PGina at V3.4.2.1 has support for a remote profile (windows ~/ on a server.. not local) so that we could provide a complete server-based workflow that was independent of any workstation.


    We have tested pGina V3.4.2.1's pgSMB (look here> http://mutonufoai.github.io/pgina/documentation/plugins/pgSMB.html)


    The setup documentation could be tier as there was a deal of trial and error to understand how it worked.


    We cannot get the TRANSFER (extraction) of the remote profile from the mac server (s) (using images.exe or other to work)  network file path the new Pgina Created Windows Local Network user to work. It just fails with no error condition code or status. (windows client:c://programs/pgina/log/system ever log?  ). The developer(s) have unix like logging thankfully. This is a wonderful help.


    We have NOT exhaustively tested this so far. We gave up around XMAS 2015 time. The pgSMB SCRIPT parm in the pgSMB permits a script/cmd to pull anything to perform the transfer of the profile. Perhaps this is the key to fixing this.


    I'm interested if anyone has this fully working.


    Post your results for others to see.


    Warwick

    Hong Kong