Middlebury

Manually Add a Mac to the Domain

Mac OS X 10.5 Leopard

  1. Login with a local administrative account to the computer.
  2. Open Applications => Utilities => Directory Utility =>. If needed, unlock the utility, by clicking on the lock icon.
  3. Then click the "Services" button. Make sure "Active Directory" has a checkmark.
  4. Double-click "Active Directory"
  5. There will either be a "Bind" or an "Unbind" button.If you see an "Unbind" button, it means that the computer is already added to the domain. Stop here. If the domain connection is not working properly, follow the steps at Resetting_Directory_Service_Settings then come back to this page.
  6. Fill out the Services tab as follows
    1. Active directory domain: middlebury.edu
    2. Ensure that the computer ID is unique, (username-MIDDNUMBER, or lab-MIDDNUMBER, etc.).
    3. Leave everything else as it is, for now.
    4. Click "Bind"
    5. Use our special domain username and password in the respective boxes (contact your supervisor or the lab manager if unsure).
  7. After the computer is bound to the domain, click on "Show Advanced Options".
  8. You will want to leave everything as it is, except these two items:
    1. Under "User Experience", place a checkmark next to "Create mobile account at login". Uncheck "Require confirmation".
    2. Under "Administrative" next to "Allow administration by" add "MIDD\Helpdesk Staff (without the quotes). Add any other groups/users if needed.

Mac OS X 10.6 Snow Leopard

  1. Login with a local administrative account to the computer.
  2. Open System Preferences => Accounts => Login Options => Choose "Edit" where it says Network Account Server.  Then choose "Open Directory Utility". If needed, unlock the utility, by clicking on the lock icon.
  3. Then click the "Services" button. Make sure "Active Directory" has a checkmark.
  4. Double-click "Active Directory"
  5. There will either be a "Bind" or an "Unbind" button.If you see an "Unbind" button, it means that the computer is already added to the domain. Stop here. If the domain connection is not working properly, follow the steps at Resetting_Directory_Service_Settings then come back to this page.
  6. Fill out the Services tab as follows
    1. Active directory domain: middlebury.edu
    2. Ensure that the computer ID is unique, (username-MIDDNUMBER, or lab-MIDDNUMBER, etc.).
    3. Leave everything else as it is, for now.
    4. Click "Bind"
    5. Use our special domain username and password in the respective boxes (contact your supervisor or the lab manager if unsure).
  7. After the computer is bound to the domain, click on "Show Advanced Options".
  8. You will want to leave everything as it is, except these two items:
    1. Under "User Experience", place a checkmark next to "Create mobile account at login". Uncheck "Require confirmation".
    2. Under "Administrative" next to "Allow administration by" add "MIDD\Helpdesk Staff (without the quotes). Add any other groups/users if needed.

Mac OS X 10.6 Snow Leopard Server

  1. Login with a local administrative account to the computer.
  2. Open System Preferences => Accounts => Login Options => Choose "Edit" where it says Network Account Server.  Then choose "Open Directory Utility". If needed, unlock the utility, by clicking on the lock icon.
  3. Then click the "Services" button. Make sure "Active Directory" has a checkmark.
  4. Double-click "Active Directory"
  5. There will either be a "Bind" or an "Unbind" button.If you see an "Unbind" button, it means that the computer is already added to the domain. Stop here. If the domain connection is not working properly, follow the steps at Resetting_Directory_Service_Settings then come back to this page.
  6. Fill out the Services tab as follows
    1. Active directory domain: middlebury.edu
    2. Ensure that the computer ID is unique, (username-MIDDNUMBER, or lab-MIDDNUMBER, etc.).
    3. Leave everything else as it is, for now.
    4. Click "Bind"
    5. Use our special domain username and password in the respective boxes (contact your supervisor or the lab manager if unsure).
  7. After the computer is bound to the domain, click on "Show Advanced Options".
  8. You will want to leave everything as it is, except these two items:
    1. Under "User Experience", place a checkmark next to "Create mobile account at login". Uncheck "Require confirmation".
    2. Under "Administrative" next to "Allow administration by" add "MIDD\Helpdesk Staff (without the quotes). Add any other groups/users if needed.
  9. Open Server Admin and connect to the server you want to join to the Kerberos realm.
  10. Click the triangle at the left of the server.
  11. From the expanded Servers list, select Open Directory (even if you are not planning to run the OD service).
  12. Click Settings, then click General.
  13. Confirm that the role is connected to a directory server, then click Join Kerberos.
Powered by MediaWiki