[unisog] Macintosh and Windows central management thru Windows Group Policy

Peter C. Lai peter at simons-rock.edu
Fri May 28 18:07:56 GMT 2010


They can join an AD to auth to a domain (and attach shares etc) but
to manage mac "GPOs" requires importation of apple's own schema, which
may or may not be doable in AD alone...

On 2010-05-28 09:19:55AM -0400, Joel Esler wrote:
> I don't know if it's manageable in the same method, but you can join a mac to an active directory environment. 
> 
> http://images.apple.com/business/solutions/it/docs/Best_Practices_Active_Directory.pdf
> 
> --
> Sent from my iPad
> Joel Esler
> 302-223-5974
> Jabber:jesler at sourcefire.com
> 
> On May 27, 2010, at 10:34 PM, Paul Guarino <pguarino at suffolk.edu> wrote:
> 
> > Hi,
> > 
> > Wanted to see how others are handling Macs in a primarily Windows active directory environment using Windows as the central manager for group policies.
> > 
> >  
> > 
> > More and more Macs are being added to our environment and most are tied to Xserve with Open Directory. We would like to use Windows group policy as the single central enforcement to lock down computers after specific time of inactivity and similar gpo tasks. We are looking for a solution that will enable our Macs to accept these policies directly from the Windows server, rather than  having to recreate the policies on the Xserve to deploy to our Macs.
> > 
> > 
> > If anyone has a current successful manageable deployment, insight, gotchas, successes and/or failures I would appreciate any and all input.
> > 
> >  
> > 
> > Thanks,
> > 
> > Paul
> > 
> >  
> > 
> > Paul Guarino
> > 
> > Suffolk University
> > 
> >  
> > 
> >  
> > 
> >  
> > 
> > Notice:
> > 
> > ---------------------------------------------------------------------------------------
> > 
> > This E-mail message is confidential, intended only for the recipient(s) named above and may contain information that is privileged, exempt from disclosure under applicable law. If you have received this message in error, or are not the named recipient(s), please immediately notify the sender by return email or by calling (617) 573-8523, and delete this message from your computer. Thank you.
> > 
> >  
> > 
> > _______________________________________________
> > unisog mailing list
> > unisog at lists.dshield.org
> > https://lists.sans.org/mailman/listinfo/unisog

> _______________________________________________
> unisog mailing list
> unisog at lists.dshield.org
> https://lists.sans.org/mailman/listinfo/unisog


-- 
===========================================================
Peter C. Lai                 | Bard College at Simon's Rock
Systems Administrator        | 84 Alford Rd.
Information Technology Svcs. | Gt. Barrington, MA 01230 USA
peter AT simons-rock.edu     | (413) 528-7428
===========================================================



More information about the unisog mailing list