Managing Mac policies using Workgroup Manager and Active Directory
TweetFollow Us on Twitter

Managing Mac policies using Workgroup Manager and Active Directory

There is. The Mac Workgroup Manager is a powerful tool to centrally manage users and computers across your organization. It lets you specify standard configuration information that applies to particular computers or users. It is also easily extendable by ISVs to support application-specific settings. Moreover, Apple has done a great job of keeping it up-to-date with OS releases.

Unfortunately, unless you’re running Mac OS X Server, it’s unlikely that you’re using it to manage the Macs in your company. Without OS X server it’s possible that you might not have even heard of Workgroup Manager.

Mac Workgroup Manager requires a central place to store its settings. It can store settings in Mac OS X server or in any LDAP server. At many companies, the main LDAP server is Microsoft’s Active Directory (AD) server. Organizations that run Windows computers in significant numbers likely use AD to authenticate Windows users. Unfortunately, storing data in that LDAP server is not trivial. The prescribed way of storing Workgroup Manager data in AD requires schema changes to the directory.

Many organizations are reluctant to make schema changes for any reason and unlikely to want to make them for reasons particular to the Mac. At many companies, Active Directory is administered by Windows-folk who may know little about Macs and who may be disinclined to make changes to AD to adapt it for the Mac. Schema changes are virtually un-doable. Once made, reversing them is difficult.

Convincing an organization to deploy Mac OS X servers solely to support Mac Workgroup manager may also be difficult if your company uses Macs only as desktops or laptop computers.

Integrating Workgroup Manager and Active Directory

Apple and other vendors supply software to integrate Macs with AD. The Apple Active Directory Plug-In allows Macs to authenticate users with AD. Other vendors supply similar functionality as well as providing “group policy” features that provide functionality similar to that of Mac Workgroup Manager. Likewise Software, however, provides authentication functionality and the ability to integrate Workgroup Manager with AD group policy. Let’s see how this works.

First, the Likewise Enterprise product, integrates user authentication with Active Directory in a fashion similar to that of the Mac Active Directory Plug-In. Users can log into their Macs using the same username and password that they use on Windows computers. Second, Likewise provides a mechanism that allows Workgroup Manager settings to be stored in AD Group Policy Objects (GPOs).

Group policy is the Microsoft mechanism for centralized configuration of user and computer settings. Group policy objects are stored in Active Directory and polled by Microsoft Windows computers that detect and apply policy changes as necessary. In AD, GPOs are associated with organizational units (OUs) and GPO settings are applied to the computers and users that are contained in those units.

In Figure 1, an OU called Marketing has been defined. Two computers have been added, or joined, to the OU and two users have been created in the OU. Any GPOs associated with the Marketing OU will be applied to the two computers and the two users in the OU.

Likewise Enterprise contains a utility to join Macs (and other non-Windows computers) to Active Directory. Once a computer is joined to AD, it can participate in AD-based user authentication and in group policy processing. In figure 1, this utility has been used to join Mary Smith’s Mac to the Marketing OU.

image

Part 2 continued >>

 

Community Search:
MacTech Search:

Software Updates via MacUpdate

Latest Forum Discussions

See All

Go from lowly lizard to wicked Wyvern in...
Do you like questing, and do you like dragons? If not then boy is this not the announcement for you, as Loongcheer Game has unveiled Quest Dragon: Idle Mobile Game. Yes, it is amazing Square Enix hasn’t sued them for copyright infringement, but... | Read more »
Aether Gazer unveils Chapter 16 of its m...
After a bit of maintenance, Aether Gazer has released Chapter 16 of its main storyline, titled Night Parade of the Beasts. This big update brings a new character, a special outfit, some special limited-time events, and, of course, an engaging... | Read more »
Challenge those pesky wyverns to a dance...
After recently having you do battle against your foes by wildly flailing Hello Kitty and friends at them, GungHo Online has whipped out another surprising collaboration for Puzzle & Dragons. It is now time to beat your opponents by cha-cha... | Read more »
Pack a magnifying glass and practice you...
Somehow it has already been a year since Torchlight: Infinite launched, and XD Games is celebrating by blending in what sounds like a truly fantastic new update. Fans of Cthulhu rejoice, as Whispering Mist brings some horror elements, and tests... | Read more »
Summon your guild and prepare for war in...
Netmarble is making some pretty big moves with their latest update for Seven Knights Idle Adventure, with a bunch of interesting additions. Two new heroes enter the battle, there are events and bosses abound, and perhaps most interesting, a huge... | Read more »
Make the passage of time your plaything...
While some of us are still waiting for a chance to get our hands on Ash Prime - yes, don’t remind me I could currently buy him this month I’m barely hanging on - Digital Extremes has announced its next anticipated Prime Form for Warframe. Starting... | Read more »
If you can find it and fit through the d...
The holy trinity of amazing company names have come together, to release their equally amazing and adorable mobile game, Hamster Inn. Published by HyperBeard Games, and co-developed by Mum Not Proud and Little Sasquatch Studios, it's time to... | Read more »
Amikin Survival opens for pre-orders on...
Join me on the wonderful trip down the inspiration rabbit hole; much as Palworld seemingly “borrowed” many aspects from the hit Pokemon franchise, it is time for the heavily armed animal survival to also spawn some illegitimate children as Helio... | Read more »
PUBG Mobile teams up with global phenome...
Since launching in 2019, SpyxFamily has exploded to damn near catastrophic popularity, so it was only a matter of time before a mobile game snapped up a collaboration. Enter PUBG Mobile. Until May 12th, players will be able to collect a host of... | Read more »
Embark into the frozen tundra of certain...
Chucklefish, developers of hit action-adventure sandbox game Starbound and owner of one of the cutest logos in gaming, has released their roguelike deck-builder Wildfrost. Created alongside developers Gaziter and Deadpan Games, Wildfrost will... | Read more »
See All

Price Scanner via MacPrices.net

13-inch M2 MacBook Airs in stock today at App...
Apple has 13″ M2 MacBook Airs available for only $849 today in their Certified Refurbished store. These are the cheapest M2-powered MacBooks for sale at Apple. Apple’s one-year warranty is included,... Read more
New today at Apple: Series 9 Watches availabl...
Apple is now offering Certified Refurbished Apple Watch Series 9 models on their online store for up to $80 off MSRP, starting at $339. Each Watch includes Apple’s standard one-year warranty, a new... Read more
The latest Apple iPhone deals from wireless c...
We’ve updated our iPhone Price Tracker with the latest carrier deals on Apple’s iPhone 15 family of smartphones as well as previous models including the iPhone 14, 13, 12, 11, and SE. Use our price... Read more
Boost Mobile will sell you an iPhone 11 for $...
Boost Mobile, an MVNO using AT&T and T-Mobile’s networks, is offering an iPhone 11 for $149.99 when purchased with their $40 Unlimited service plan (12GB of premium data). No trade-in is required... Read more
Free iPhone 15 plus Unlimited service for $60...
Boost Infinite, part of MVNO Boost Mobile using AT&T and T-Mobile’s networks, is offering a free 128GB iPhone 15 for $60 per month including their Unlimited service plan (30GB of premium data).... Read more
$300 off any new iPhone with service at Red P...
Red Pocket Mobile has new Apple iPhones on sale for $300 off MSRP when you switch and open up a new line of service. Red Pocket Mobile is a nationwide MVNO using all the major wireless carrier... Read more
Clearance 13-inch M1 MacBook Airs available a...
Apple has clearance 13″ M1 MacBook Airs, Certified Refurbished, available for $759 for 8-Core CPU/7-Core GPU/256GB models and $929 for 8-Core CPU/8-Core GPU/512GB models. Apple’s one-year warranty is... Read more
Updated Apple MacBook Price Trackers
Our Apple award-winning MacBook Price Trackers are continually updated with the latest information on prices, bundles, and availability for 16″ and 14″ MacBook Pros along with 13″ and 15″ MacBook... Read more
Every model of Apple’s 13-inch M3 MacBook Air...
Best Buy has Apple 13″ MacBook Airs with M3 CPUs in stock and on sale today for $100 off MSRP. Prices start at $999. Their prices are the lowest currently available for new 13″ M3 MacBook Airs among... Read more
Sunday Sale: Apple iPad Magic Keyboards for 1...
Walmart has Apple Magic Keyboards for 12.9″ iPad Pros, in Black, on sale for $150 off MSRP on their online store. Sale price for online orders only, in-store price may vary. Order online and choose... Read more
 

Jobs Board

Solutions Engineer - *Apple* - SHI (United...
**Job Summary** An Apple Solution Engineer's primary role is tosupport SHI customers in their efforts to select, deploy, and manage Apple operating systems and Read more
DMR Technician - *Apple* /iOS Systems - Haml...
…relevant point-of-need technology self-help aids are available as appropriate. ** Apple Systems Administration** **:** Develops solutions for supporting, deploying, Read more
Omnichannel Associate - *Apple* Blossom Mal...
Omnichannel Associate - Apple Blossom Mall Location:Winchester, VA, United States (https://jobs.jcp.com/jobs/location/191170/winchester-va-united-states) - Apple Read more
Operations Associate - *Apple* Blossom Mall...
Operations Associate - Apple Blossom Mall Location:Winchester, VA, United States (https://jobs.jcp.com/jobs/location/191170/winchester-va-united-states) - Apple Read more
Cashier - *Apple* Blossom Mall - JCPenney (...
Cashier - Apple Blossom Mall Location:Winchester, VA, United States (https://jobs.jcp.com/jobs/location/191170/winchester-va-united-states) - Apple Blossom Mall Read more

  • Generate a short URL for this page:



All contents are Copyright 1984-2011 by Xplain Corporation. All rights reserved. Theme designed by Icreon.