|
#1
April 9th, 2009, 11:59 AM
| |||
| |||
| Window 2003 server issue.
Hello all, I googled for this issue but couldn't find any answers. I hope you guys can help me out here. Here's a situation: I am an apple technician for a university. All mac domains are registered under window server 2003 with Active Directory. One Department wants to have their 5 pcs computers and 1 mac have restrictions log in workstation with their department A.D. with one username that allows them to login these 6 computers in their department office only but not login to ANY other computers on campus. The window server 2003 had successfully restricted one A.D username to 5 PCs but failed to recognize 1 mac even though I typed in its bind address. One username that CAN'T be logged in to ANY macs on domain EXCEPT for one particular mac. If using the local user restrictions on one mac, the username can STILL be logged in to OTHER domain macs. This is for security reasons to have the username to use ONE mac. Hope this clears up what I'm trying to say. Thanks in advance!  |
|
#2
April 18th, 2009, 03:18 AM
| |||
| |||
|
I may be misunderstanding you (I admit I did get a bit lost in the explanation, possibly from lack of sleep), but it sounds like you want to enforce policy that restricts login to specific users to specific machines. You would need to supplement your Active Directory to do this, most commonly by adding an Open Directory domain and binding your Macs to both. The Open Directory would be able to enforce the machine level policy you are looking for (as it sounds).  Michael |
|
#3
April 21st, 2009, 02:00 PM
| |||
| |||
| Quote:
|
|
#4
October 27th, 2009, 11:54 AM
| |||
| |||
|
I am no great expert, but I think that you need Apple Open Directory (i.e. have an xserve with OD enabled) integrated in with Active Directory to help you manage the Macs. Maybe? Should be fairly easy to integrate these days if up to date OS X 10.5 or 10.6? |
 |
| Bookmarks |
| Thread Tools | |
|
|
All times are GMT -5. The time now is 04:10 AM.
