Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # Assumes the following:
- # Hostname: TEST1
- # Domain: EXAMPLE.COM (you probably don't want to use your public domain for your AD domain... but that's out of scope for this example)
- # Admin user: setupuser
- # Admin pass: He11oW0rld!
- # Machine will go into the default computers ou (root)
- # Domain admins will get local admin rights on login
- # All users will get mobile accounts (offline login)
- # All data will be stored locally (no UNC home dir)
- # Default shell will be bash
- # No DC preference for queries/logins
- # Set the hostname
- scutil --set HostName TEST1.EXAMPLE.COM
- # Enable NTP and set the server
- systemsetup -setusingnetworktime on
- systemsetup -setnetworktimeserver EXAMPLE.COM
- # Reload the service and force run, just in case
- pkill -HUP ntpd
- ntpdate EXAMPLE.COM
- # Add the mac to the domain
- dsconfigad -add "EXAMPLE.COM" -force -computer "TEST1" --domain "DC=EXAMPLE,DC=COM" -username "setupuser" -password "He11oW0rld!"
- # Allow logins from any domain in the forest
- dsconfigad -alldomains enable
- # Now make sure domain admins can login and get admin rights
- dsconfigad -groups "Domain admins"
- # Enable mobile accounts
- dsconfigad -mobile enable
- dsconfigad -mobileconfirm disable
- # Disable UNC paths
- dsconfigad -localhome enable
- dsconfigad -useuncpath disable
- # Set the shell to something sensible
- dsconfigad -shell "/bin/bash"
- # Enable encryption
- dsconfigad -packetsign require
- dsconfigad -packetencrypt require
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
