[Samba] How to Join Mac OSX workstation as AD domain member

[Kris Lou]

There are basically 3 ways:
* dsconfigad (https://gist.github.com/bzerangue/6886182)
* via Configuration Profile
* via GUI, which you've found

There's also a toggle "Allow Network Users to Log in" via System Prefs ->
Users -> Login Options

However ...
* Network Homes is difficult (at best)
* Changing passwords on the DC does not automatically refresh the local
profile's Keychain
* Network Users require a constant connection to the DC -- which obviously
doesn't work well for 1:1.  So more sites are favoring Mobile Users (with
local homes).

https://nomad.menu/ helps to solve a lot of the above without binding to AD
-- but I haven't used it, so YMMV.  You might also be interested in the
MacEnterprise mailing list.

-Kris





Kris Lou
klou at themusiclink.net

On Tue, Jun 26, 2018 at 2:41 PM, Mark Foley via samba <samba at lists.samba.org
> wrote:

> Does anyone know how to join a Mac OSX (High Sierra 10.13.5) workstation
> to a Samba4 domain, or
> know of a wiki/howto document describing this process? Web searches have
> turned up plenty of
> info on running OSX as a Samba4 server, but I can't find anything on
> joining as a domain
> member.
>
> I do believe I've actually joined (Bind in apple-speak) the workstation
> itself to the domain
> using the System Preferences > Users & Groups > Network Account Server.
> That does show my
> domain name with a green dot (OK status?).  And when I list network
> computer on the AD server
> it does list this Mac computer.
>
> Problem is, I cannot log in as a domain user. I'm sure I'm doing something
> wrong, but I can't
> figure out what.
>
> Any help greatly appreciated.
>
> THX --Mark
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>