Mac OSX and Active Directory

Written by Rajat Bhargava on July 17, 2015

Share This Article

We all know the history between Apple and Microsoft®. There’s no love lost between the two. Even when Apple was on the brink of extinction, not much changed within this dynamic. And who can forget those, “I’m a Mac, I’m a PC” commercials?

But with 91% of enterprise organizations using Macs, IT departments are given the tough task to integrate these two bitter rivals in one directory. Admins everywhere are asking, “How are Macs integrated into Active Directory®?

The true answer is that they aren’t. AD can authenticate Macs, but anything deeper than that and it gets tricky. AD struggles to completely control Mac user management and also has no device management capabilities. Macs (and Linux devices) are treated like red-headed stepchildren when it comes to Microsoft Active Directory and Windows.

Why Active Directory Struggles to Manage Macs

Manage Macs, Linux and Windows effectively

AD was built and is meant for Windows. AD can authenticate, authorize, and manage Windows devices and users seamlessly, and this makes sense given that Microsoft owns both platforms and only cares about proliferating Windows.

The problem is in today’s IT environment, Windows isn’t the only game in town. Macs and Linux devices are a big part of many organization’s infrastructure. As IT admins grapple with the multiple platforms the question inevitably turns to how will we control these Macs?

Will we let them be self-managed, will we just control authentication, or do we want to have full control just as we do with our Windows machines?

Unfortunately, most organizations are forced to opt for one of the first two options. Until recently, there hasn’t been a way to completely authenticate, authorize, and manage Macs and their users.

Manage Macs with A Cloud-Based Solution 

Directory-as-a-Service® (DaaS) is the way that Macs can start to be under the control of IT.

Admins have two options with Directory-as-a-Service:

  1. Extend AD through a bridge to DaaS and have DaaS control Mac devices
  2. Leverage DaaS as the full directory service for the organization

Either option provides IT admins with deep user management and device control over Macs. Finally, Macs are first class citizens just as Windows devices have been. Admins can tightly control access, remotely troubleshoot issues on the machine, and set policies.

This is a breath of fresh air, since Macs have effectively been unmanaged in most organizations.

Learn More About How to Manage Macs

If you would like to learn more simplifying Mac management by extending AD with our AD Integration or replacing AD with Directory-as-a-Service, drop us a note – we’ll be happy to discuss our experiences on managing the Mac platform and integrating it with Directory-as-a-Service. You can also start testing our effective Mac management by signing up for a free account. Your first ten users are free forever.

Rajat Bhargava

Rajat Bhargava is an entrepreneur, investor, author, and CEO and co-founder of JumpCloud. An MIT graduate with over two decades of high-tech experience, Rajat is a ten-time entrepreneur with six exits including two IPOs and four trade sales.

Continue Learning with our Newsletter