Note:  The workstation object should be pre-created in AD for the most efficient installation.  This operation must be done by an IT Admin with administrative rights to the departmental OU.  If you do not know who your departmental computer liaison is, please contact the ITS Help Desk at 4-HELP.

  1. Go to System Preferences | Users & Groups | Login Option
    System Preferences. Highlighted - Users & Groups

     
  2. Turn off Automatic Login, then click Join next to Network Account Server
    Users & Groups. Automatic login: Off. Click Join... button next to Network Account Server:

     
  3. Click on Open Directory Utility
    Highlighted - Open Directory Utility... button

     
  4. Check Active Directory and click on the little pencil
    Highlighted - Active Directory and the little pencil button at the bottom of the screen

     
  5. Specify iowa.uiowa.edu and your Computer ID
  6. Open the Advanced Options | Administrative  and check Allow Administration by: add the appropriate AD group.  Individual user accounts cannot be added here.  If you want to make an individual AD account an admin, follow the steps in this article:  http://support.apple.com/kb/HT4332
  7. If the Mac is a laptop, use Advanced Options | User Experience and check "Create mobile account at login".
  8. Click Bind and provide AD credentials when prompted.
    Click Bind... button

     
  9. If you use an existing computer object, answer Yes when asked "Join existing account?".
  10. Close the previous box; click Apply in the Directory Utility and then close the app
  11. Confirm the configuration by restarting and logging in with a HawkID.

Note:  If you "Unbind" (remove) a Mac from AD it will delete the existing computer object from AD. If you re-add the Mac to AD please recreate the object before binding the computer back into AD otherwise the object will be created in the "Computer" container. 

Last updated
Article number
3276