[MacTUG] Changes to our Active Directory and Macs...

Donald Duff-McCracken dsmccrac at uwaterloo.ca
Mon Mar 22 11:50:29 EDT 2010 

Hi Matt

We are in agreement, as I said in my OP, I do not really want AD to do anything else other than authenticate, and really my main issue is that this does not get messed up. Having said that, I think it would be hard for any tinkering with the schema could mess this up (I had to pause after saying that to knock on wood, haha) as we are relying on parts of the schema that are pretty basic and I would guess central to the stuff that Nexus and ADS needs.

I really have no need for extensions to the schema but I thought I would put it on the table. As I have talked to others who know more about AD (esp wrt to it in 2008 server) it sounds like it is easier to make extensions to the schema after the fact now as it is more flexible. So it is likely the case that it is not something that we would have to try to get done now even if we did want extensions (and to repeat, I personally see no need)

And as Matt knows, I am doing the Magic Triangle thing.

I have been not doing the mactug thing lately, as Joe has been, but if there is any time that people want to talk about Mac authentication I would love to freeload on that meeting



On 10-03-16 11:45 AM, "Matthew Oliver" <m3oliver at engmail.uwaterloo.ca> wrote:

I think we should make sure we have the agreement of all mac using departments before going down this path.
Schema extension (I'm told) will affect all macs in the AD forest and will break any deployed golden/magic triangle setups currently out there (mine for example).
While I'm interested in simplifying my setup, I'm not quite ready for what seems like a fairly major change.

Anyone else currently using a magic triangle setup on campus?


Matt

On 2010-02-22, at 2:14 PM, Glenn Anderson wrote:

This sounds like a good topic for tomorrow's MacTug meeting.

On 2010-02-22, at 11:21 AM, Donald Duff-McCracken wrote:

Hi there

With the goal of merging the two main ADs on campus (Nexus and ADS) this may be a good time for us to ask for any modifications to the schema to make life easier for us mac users. Not like it is likely (as merging these 2 Domains will likely keep them busy enough), but it is likely the best chance we can get. I find the timing a little ironic however as I am learning how to do things right with the “Golden Triangle” where AD merely does the authentication and OD does all the grunt work of setting access permissions and all that jazz — and I am fine to leave things this way. So in some ways as long as things do not get messed up with how things are, I really see no need for adding anything. All I really want from AD are the users credentials, what groups they are in, what OUs machines are in and where their network home folder (n drive) is.

But can anyone else think of stuff we should go to Erick and Bruce with?

Don
_______________________________________________
MacTUG mailing list
MacTUG at lists.uwaterloo.ca
https://lists.uwaterloo.ca/mailman/listinfo/mactug

_______________________________________________
MacTUG mailing list
MacTUG at lists.uwaterloo.ca
https://lists.uwaterloo.ca/mailman/listinfo/mactug




------------------------------------
Donald Duff-McCracken
Technical Services Manager
Mapping, Analysis & Design
Faculty of Environmental Studies
University of Waterloo
(519) 888-4567 x32151
http://www.fes.uwaterloo.ca/computing/people/don.html
------------
To request help from MAD please us Request Tracker. For info see: http://www.fes.uwaterloo.ca/computing/faculty_staff/
------------
This email communication is intended as a private communication for the sole  use of the primary addressee and those individuals listed for copies in the original message. The information contained in this email is private and confidential and If you are not an intended recipient you are hereby notified that copying, forwarding or other dissemination or distribution of this communication by any means is prohibited.  If you are not specifically authorized to receive this email and if you believe that you received it in error please notify the original sender immediately.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.uwaterloo.ca/pipermail/mactug/attachments/20100322/95ae57e7/attachment.html

More information about the MacTUG mailing list