In order to bind macOS client devices to your Active Directory (AD) through the datajar.mobi service, there are a few requirements:
- Device names to be 15 characters or less. We'd strongly suggest serial number is used so that we can fully automate the task
- An AD service account will need to be provided. This account should have a long complex password, but free from any password change or expiry requirements.
- The AD service account will need to have CRUD (Create, Read, Update, Delete) access to the OU devices will be bound into, as well as any other OUs that devices may already have records present in
- A single OU will need to be provided for devices to be bound into. Devices can be moved from this OU after binding if this is required. The OU should be provided in the format:
- The full domain to bind devices to will need to be provided
- Optional: A specific fully-qualified NTP server address can be supplied for use
- Only desktop lab devices will be bound to AD for stability and reliability reasons. These devices will need a cabled connection to the network