Pushing Out Custom LDAP Authentication Settings to El Capitan Machines

rharms
New Contributor

Ok, I’m working on setting up our Macs to authenticate to our Novell/NetIQ/MicroFocus eDirectory via pure LDAP. We’ve used Condrey/Novell’s Kanaka in the past, but the server part had a bad habit of ceasing to respond at random intervals. All we were using it for was basic authentication anyway, so I started looking at other options and LDAP seems like the answer. Like I say, just basic authentication, no network home directory mounts or anything fancy needed. We’re using Mobility Accounts (controlled by Casper policies) with local home directories. Access to network homes and shares is via Novell Filr.

I’ve got LDAP auth working smoothly on a test machine, the thing now is finding a way to push the config out to others. It does require custom mapping of LDAP attributes (just built a new eDirectory tree this summer and would rather keep the schema clean for now) which, so far as I can tell, leaves out the standard Casper Directory policies. I found a Bind to LDAP script on jamfnation that seemed like just the ticket, but it’s from 2010 and, I’m afraid, out of date as it calls for packaging and deploying a file that I can’t seem to locate on El Cap.

So, would appreciate any useful knowledge that anyone out there is willing to share. If I’m missing something obvious, I’d appreciate being told that too. Up until about two years ago, we were a pure Windows desktop environment, but, thanks to deciding to 1:1 deploy MacBooks to grades 7-12, we’ll soon be at least 2:1 Mac over Windows, and the Mac count is only climbing. I’ve come to love Macs more than I ever would have thought possible, but I still learn something new about them and their quirks nearly every day. Then again, reckon the same can be said for Windows, or, heck, anything we do in IT. Thanks in advance!


psliequ
Contributor III

On the machine that's doing LDAP lookups successfully, try looking in

/Library/Preferences/OpenDirectory/Configurations/LDAPv3

You should see your LDAP configuration there by name. If so, you can package and distribute it with Casper.

You should also manually add the LDAP server to the authentication and contacts tabs under 'Search Policy' in the Directory Utility.app. Make sure it's in the list above /Local/Default.

After doing that, I believe you can package the entire LDAPv3 folder and distribute it to have working binds on other clients. Untested but I can't think of a reason why it wouldn't work :) A reboot or a kill of opendirectoryd is probably warranted.
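The steps in the reply above, as an added postinstall-style script (this is not code from the thread or from Jamf/Apple): it checks that the packaged config landed in the LDAPv3 folder before touching anything, puts the node on the authentication and contacts search paths with dscl (idempotently, so repeated Casper policy runs don't append duplicates), confirms /Local/Default is still on the path so local admin accounts keep resolving, and restarts opendirectoryd. The node name ldap.example.com and the LDAP_NODE / LDAP_CONF_DIR variables are assumptions for the example; the dscl, killall and plist path are real macOS tooling.

```shell
#!/bin/sh
# Added example, not from the original thread. Deploys the search-policy
# part of the bind after the LDAPv3 config plist has been packaged out.
# Assumed (hypothetical) defaults: node name ldap.example.com, standard
# OpenDirectory configuration directory.
set -eu

LDAP_NODE="${LDAP_NODE:-ldap.example.com}"   # assumed node name
LDAP_CONF_DIR="${LDAP_CONF_DIR:-/Library/Preferences/OpenDirectory/Configurations/LDAPv3}"

# Return 0 if the packaged config plist for the node is present.
# Refusing to alter the search policy without it avoids leaving a client
# pointed at a node that does not exist.
config_present() {
    dir="$1"; node="$2"
    [ -f "$dir/$node.plist" ]
}

# Build the search-path entry dscl expects for an LDAPv3 node.
node_search_path() {
    printf '/LDAPv3/%s\n' "$1"
}

# Return 0 when a search path (one entry per line) already lists the node.
search_path_has_node() {
    path_list="$1"; node="$2"
    printf '%s\n' "$path_list" | grep -qx "$(node_search_path "$node")"
}

# Return 0 when /Local/Default is still on the path, so local accounts
# keep working if the LDAP server is unreachable.
local_node_present() {
    printf '%s\n' "$1" | grep -qx '/Local/Default'
}

# Switch the authentication and contacts search policies to a custom path,
# append the node if missing, then restart opendirectoryd to pick it up.
apply_search_policy() {
    node="$1"
    for svc in /Search /Search/Contacts; do
        dscl "$svc" -create / SearchPolicy CSPSearchPath
        # dscl prints "CSPSearchPath: a b c"; split the values onto lines.
        current=$(dscl "$svc" -read / CSPSearchPath | tr ' ' '\n')
        if ! search_path_has_node "$current" "$node"; then
            dscl "$svc" -append / CSPSearchPath "$(node_search_path "$node")"
        fi
        local_node_present "$current" || echo "warning: /Local/Default missing from $svc" >&2
    done
    killall opendirectoryd
}

main() {
    if ! config_present "$LDAP_CONF_DIR" "$LDAP_NODE"; then
        echo "no LDAPv3 config for $LDAP_NODE in $LDAP_CONF_DIR; deploy the package first" >&2
        return 1
    fi
    apply_search_policy "$LDAP_NODE"
}

# Only act on macOS where dscl exists; elsewhere the file just defines the
# helper functions.
if [ "$(uname)" = "Darwin" ] && command -v dscl >/dev/null 2>&1; then
    main
fi
```

Before packaging the LDAPv3 folder, open the plist and check whether it carries any stored bind credentials; the package will be pushed to every client, so a config that only needs an anonymous or per-user bind should not embed a service account.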