Adding Unix or Mac to a Delegated OU

Last updated: May 2, 2024
Audience: IT Staff / Technical

There are several options for using MI Active Directory for authentication, authorization and management of Unix, Linux and Mac computers.

The first step is obtaining a delegated OU in MI. For more information, see MI Delegated OUs.

Once you have a delegated OU, you may use your OU administrative account to configure any of the following options.

There are also a variety of suggestions from the user community which may be valuable to you.

Options for Joining Linux Computers to MI

Prerequisites

  1. A delegated OU is required.
  2. A computer object must be pre-created in your delegated OU for each computer you wish to join to the domain before attempting to do the join/bind.
  3. The netid.washington.edu DNS suffix/zone cannot be used (unless it is a UW-IT server).

Option 1: Linux native Winbind/krb5

We have no direct experience with this but do know that several campus departments have successfully utilized this technique. Many of the specifics are identical to the SSSD ones below.

Option 2: Linux native SSSD

Please reference the Red Hat whitepaper Integrating Red Hat Enterprise Linux 6 with Active Directory. See Section 6.3, “Configuration 3 – SSSD/Kerberos/LDAP”. The RHEL7 Windows Integration Guide also provides some advanced coverage and a version 7 update.

Option 3: Ubuntu

Please reference the Ubuntu whitepaper https://pages.ubuntu.com/rs/066-EOV-335/images/Integration_of_Ubuntu_Desktop_with_Microsoft_Active_Directory_16_01_24.pdf. See page 12.

Options for Joining a Mac Computer to MI

Option 1: Using the OS X Tools

See /tools-services-support/it-systems-infrastructure/msinf/ous/add-computer/add-mac/