Q: ProfileManager and ActiveDirectory
Hello there,
I'm trying to use ProfileManager primary as a MDM solution for ios-Devices. Thus, I've set up a Mac (El Capitan) with OS X Server running an (empty) OpenDirectory and ProfileManager. The machine is on the DMZ and has a direct connection to the internet as necessary.
Now we got an ActiveDirectory in the company where all the user data is located. Obviously, I want those users being accessible from within ProfileManager s.t. I can assign devices/apps/etc. to people.
Is there any way to connect the Mac to the AD, e.g. using LDAPv3 to the GlobalCatalog (port 3268 on AD) in order to retrieve the users? I don't want to bind the entire Mac completely into the AD (for security concerns). I've tried to add the AD as a LDAP server using directory utility but I fail to get access to the users for whatever reason. Also most of the tutorials on the web are simply binding to the AD or relate to some older versions of OS X / Server which don't seem to fit any more.
Has anyone tried this? Or what's the recommended way here?
Thanks in advance,
rajo
iMac, OS X El Capitan (10.11.5)
Posted on Jun 1, 2016 9:55 AM