Joining a Computer to the Domain (Mac OS X)

Topics Map > Active Directory
Active Directory - Joining a Computer to the Domain (Mac OS X)

Apple computers running Mac OS 10.5 or higher can join the Campus Active Directory Domain using the Directory Utility or a Terminal command.

Authorized Users Only: Only authorized users are allowed to join a machine to the campus active directory domain. If you are interested in using the campus active directory for your department or organization, please fill out a request form.

Before Joining

Before joining a Mac OS X machine to the Campus Active Directory, please have the following information ready:

Domain AD.WISC.EDU or ADTEST.WISC.EDU
Login Credentials Your username is netid-ou where netid is your NetID.
Computer Name Per the Naming Conventions Policy, your computer name should be prefixed with your OU name and a hyphen.
New Users:
If you have just received your Campus Active Directory user account, you will need to change its password before you can join a machine to the domain. Active Directory - Changing your account password

Network Requirements:
The computer joining the domain must be connected to the campus network or WiscVPN in order to join and log into the Campus Active Directory.

Using Directory Utility

Log into the Apple computer you want to join to the domain. You must be logged into an account with Administrator access.

Open the Directory Utility, which is located in:
10.5 (Leopard): /Applications/Utilities
10.6 (Snow Leopard): /System/Library/CoreServices

If necessary, click the padlock and enter your password to unlock the Directory Utility.

Click the checkmark next to Active Directory to enable Active Directory support.



Highlight Active Directory and click on the Pencil icon in the lower-right hand of the directory list to configure the Active Directory connection.

Enter in either ad.wisc.edu or adtest.wisc.edu under Domain.

Enter in a computer name under Computer ID. This should be prepended with your OU's name and a hyphen.



Click Bind.... A prompt will ask you for your network credentials and a computer OU. Enter your OU admin account and password, and the following computer OU location: ou=computers,ou=orgunits,dc=ad,dc=wisc,dc=edu

Your machine will be bound to the Campus Active Directory. If you experience any problems or errors, verify the above information, then contact activedirectory@doit.wisc.edu.

Click Apply in the Directory Utility to save your changes.

Restart your machine.

Review recommended tasks after joining your mac to the Campus Active Directory.

Using the dsconfigad Command

The dsconfigad command can also be used to join a mac to the Campus Active Directory domain. The command syntax is:

dsconfigad -a machine-name -domain domain -ou "ou=computers,ou=orgunits,dc=ad[test],dc=wisc,dc=edu" -u username

Items in italics should be replaced with the desired information. The correct domain must also be specified in the ou option, otherwise the command will fail.

After Joining

Installing AD Management Software: AD management software is not available for Mac OS X. You will need to install the tools on a Windows machine in order to manage your Active Directory resources. Active Directory - Remote Administration Tools

Moving the Computer: A computer is placed in a default OU when joining the domain. You should move it within your own OU as soon as possible after joining. Active Directory - Moving a Newly Joined Machine to Your Organizational Unit

NetID Authentication: NetIDs cannot be authenticated against the AD.WISC.EDU or ADTEST.WISC.EDU domains. In order to use NetIDs for authentication, manual edits must be made to several Apple preference files. Active Directory - Configuring a Workstation for NetID Authentication (Mac OS X)

Enable Network Login: To allow users in the Campus Active Directory to log into your mac, you must enable Network Login:

Open up System Preferences and select the Accounts menu item.

Click Login Options, located at the bottom of the left-hand user list.

Check Allow network users to log in at login window to enable network login. You can click Options... to specify which users can log in.

When logging into the mac with Campus Active Directory credentials, you do not have to specify a domain.