Need to Bind to AD

mariobarrera
New Contributor

What is the script to bind computer 10.12.6 to Active Directory?

7 REPLIES 7

bpavlov
Honored Contributor

If you are using Jamf Pro just use a policy to accomplish this. In the Directory Binds policy payload, you pick the directory service you want to bind to. If you do not see any options there, then you need to first add a directory to your JSS. Go to the JSS > Settings > Computer Management > Directory Bindings and add a new directory binding.

This all has the benefit of not having to hardcode any passwords into a script because the JSS will have all that information stored. All you would need to do is take care of some logic such as making sure that the binding takes place while the computer can reach the directory service to actually join/bind.

gachowski
Valued Contributor II

Friends don't let friends bind to AD.

: )

When I did bind to AD I used the Jamf scrip

/usr/local/bin/jamf bind -type ad  -domain 'XXX' -username "XXX" -passhash "XXX" -ou "CN=Computers,DC=XXX,DC=net" -mountStyle smb -uid "uidNumber" -userGID "gidNumber" -cache -multipleDomains -localHomes -shell none

You can copy it from a machine after it's imaged but before it reboots . : ) I would just copy it off in target mode...1st run script I think

C

brandonalexande
New Contributor
If you are using Jamf Pro just use a policy to accomplish this. In the Directory Binds policy payload, you pick the directory service you want to bind to. If you do not see any options there, then you need to first add a directory to your JSS. Go to the JSS > Settings > Computer Management > Directory Bindings and add a new directory binding.

That right there. add your directory settings to jss then create a policy with the bindings. I have it setup as a self-service policy. You need to make sure your computer is named properly before binding since it binds using the computer name.

and make sure your "computer OU" is in this format in Computer management->Management Framework->Domain Bindings:
OU=SUBOUNAME,OU=PrimaryOUNAME,DC=YOURDOMAINNAME,DC=YOURDOMAINSUFFIX

edullum
Contributor

Where is says Active Directory Domain, is that the same as the Directory Server?

vanschip-gerard
Contributor

Hi @brandonalexander , I dont see Domain Bindings under Management Framework. Does that get added once you set up AD binding?

Tangentism
Contributor III

@vanschip-gerard Have a look under Settings > Computer Management > Directory Bindings.

You need to set them up there first.

mark_mahabir
Valued Contributor

Consider whether you actually need to bind to AD and whether you could make use of NoMAD instead.

If you really do need to bind, then there is a really good binding script here.