Background: we have a small fleet of Macs (High Sierra) which we are
trying to bind to an AD forest. We don't have much control over this
instance of AD as it is managed by a different entity than ourselves, so
what I'm describing here assumes that w...
