Mac Domain Join Active Directory

Click the open directory utility button.

Mac domain join active directory. Domain joining privilege can be assigned to any user not only an administrator. For this example the domain is hq test us and the computer id is mac. Macos sierra and later can t join an active directory domain without a domain functional level of at least windows server 2008 unless you explicitly enable weak crypto even if the domain functional levels of all domains are 2008 or later the administrator may need to explicitly specify each domain trust to use kerberos aes encryption.

Here you can enter your domain information and computer id. Bind using the command line. At the very least the two pieces of information that are required in order to join a mac workstation to active directory are.

For example the following command can be used to bind a mac to active directory. Active directory domain. It is tested on os x 10 6 10 7 and 10 8 combined with a windows server 2003 2008 2012 mixed active directory domain and a fedora 389 ds domain and an openldap domain.

Click the lock to make changes. Use the dns name of the domain not the netbios short name. Before you bind or join a mac to active directory domain ensure the mac is connected to the network.

The macs will receive much of their management directly from the domain controller hosting the active directory service but it must translate the processes into commands that os x will. You can either set a static ip address on your mac or let dhcp assign the ip address to mac. The computer id is the computer name that will show up in active directory once the mac is joined to the domain.

After the information is entered bind the mac to active directory with the following information. You can use the dsconfigad command in the terminal app to bind a mac to active directory. Steps to join or bind a mac to a windows domain.