Hello Jamf Pro peers!
Fresh off the boat Mac user here. Are there any comparable tools to the Active Directory Users and Computers snap-in from Windows available on macOS Catalina and above?
Thanks in advance!
Page 1 / 1
Your best tool is going to be a Windows virtual machine or RDP session.
You'll probably run rapidly into its limits, but start with the Directory Editor tab in Directory Utility, located at /System/Library/CoreServices/Applications/ on Catalina.
I've used Apache Directory Studio for some basic AD lookups and record purges (requires an installed JDK). Depends on what specific features you need tho.
I have a crap desktop in an old office that I remote into just for AD. +1 for remote desktop.
https://support.apple.com/guide/directory-utility/configure-domain-access-diru11f4f748/mac
also, some of these are OD specific, but, here is a list of directory service related binaries to check out:
dscacheutil
dscl
dsconfigad
dsconfigldap
dseditgroup
dsenableroot
dsexport
dsimport
dsmemberutilKind of depends on what you want/need and what your AD Team and CISO are willing to tolerate.
We use tools from ManageEngine for monitoring and troubleshooting user issues, but for actually managing users, we RDP to a CISO approved hosted VM that has AD tools installed, using elevated credentials, limited access, etc. Field support staff are not allowed to use any other system other than that for user management, and even then there are strict controls and monitoring in place.
Thanks for the feedback guys. I believe I will just RDP into a system that stays online, and connected in the office for administrative AD tasks.
Reply
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.