http://www.makemacwork.com/bind-to-active-directory.htm
After following these steps, I was expecting the login screen of OS X to show blank fields for the username and password. However, I still saw the original list of users.
After poking around the settings a bit more, I realized that there were a couple settings that I changed when binding the machine to the AD the first time. After clicking on Bind... OS X asks for AD credentials that have permission to bind machines to the Active Directory. Just below the username and password fields there are a couple of check boxes that should be left checked. Here's what they should look like:
After I unbinded the machine and rebinded with those boxes checked, I was able to login to the machine with my AD credentials. NOTE: You might also be able to specify the directory domain on the Authentication server and contacts lists under Directory Utility > Search Policy without unbinding and rebinding. Just go to the Authentication tab click the plus button and check to see if the directory domain is listed. This can also be done with the contacts as well.
One other note, I would also go into System Preferences > Accounts > Login Options and change Display login window as: to Name and password for security and clarity that the user needs to provide their own username and password.
Happy computing...
No comments:
Post a Comment