/build/static/layout/Breadcrumb_cap_w.png

Post installation task to join a Mac to an AD domain

Note: machine names already exist in AD.
 
#!/bin/bash

### You must edit these for your specific ROOM

# 1) fully qualified DNS name of Active Directory Domain.

domain="acme.tools.com"

# 2) username of a privileged network user.

udn="macjoiner"

# 3) password of a privileged network user.

password=XXXXXX

# 4) Distinguished name of container for the computer

ou="cn=Room-100,ou=MACs,ou=mainsite,dc=acme,dc=tools,dc=com"

# 5) 'enable' or 'disable' automatic multi-domain authentication

alldomains="disable"

### End of configuration

# Get the local computer's name.

computerid=`/usr/sbin/scutil --get LocalHostName`

# Activate the AD plugin, just to be sure

defaults write /Library/Preferences/DirectoryService/DirectoryService "Active Directory" "Active" plutil -convert xml1 /Library/Preferences/DirectoryService/DirectoryService.plist

# Bind to AD

dsconfigad -f -a $computerid -domain $domain -u "$udn" -p "$password" -ou "$ou"

dsconfigad -alldomains $alldomains

# Add the AD node to the search path

if [ "$alldomains" = "enable" ]; then

csp="/Active Directory/All Domains"

else

csp="/Active Directory/$domain"

fi

dscl /Search -append / CSPSearchPath "$csp"

dscl /Search -create / SearchPolicy dsAttrTypeStandard:CSPSearchPath

dscl /Search/Contacts -append / CSPSearchPath "$csp"

dscl /Search/Contacts -create / SearchPolicy dsAttrTypeStandard:CSPSearchPath

# Restart Directory Service

killall DirectoryService

sleep 2

exit 0


Comments

This post is locked

Don't be a Stranger!

Sign up today to participate, stay informed, earn points and establish a reputation for yourself!

Sign up! or login

Share

 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ