Lesson5.Integrating Mac OS X With Active Directory

Lesson 5. Integrating Mac OS X With Active Directory

From Lesson 4, "Integrating Mac OS X With Third-Party Directory Services," you already know how to use the Lightweight Directory Access Protocol (LDAP) plug-in to bind a computer to an Active Directory server. Mac OS X also includes an Active Directory plug-in, which, when properly configured, allows your computer to access the same directory records as the Windows computers on the network.

With the Active Directory plug-in for Open Directory, configuring a Mac OS X computer to access an Active Directory server is fairly straightforward. If you prefer, though, you can override its default settings and specify how to map key user account attributes, where to store the home folder, and what accounts have admin access.

In this lesson, we will cover the many dynamics of integrating Mac OS X with Active Directory. Prior to Mac OS X version 10.3, the best way to integrate Mac OS X computers with Active Directory was through the LDAP plug-in, which is still a functional option. Today, the Active Directory plug-in facilitates easier configuration, a richer feature set, and a better user experience than that of the LDAP plug-in, which can still used for Active Directory integration. The focus of this lesson will be on the Active Directory plug-in with both Mac OS X and Mac OS X Server.