Recently at the company I work for we’ve been working on getting our Macs and PCs to all play nice together using the same repository for authentication.
We currently have an Active Directory domain in place with multiple domain controllers residing at multiple sites. All of our PCs are joined to the domain and all windows users have domain accounts. We also have multiple OS X servers at various locations functioning as standalone file servers. Each OS X server functions as its own user repository. In order for a windows machine to connect to one of the OS X machines an identical user account needs to be created to allow the windows credentials to pass through upon connection.
While this works in some scenarios at a certain point it becomes unmanageable. There are just too many accounts to keep synchronized. It becomes somewhat impossible to enforce an automated password change policy. So this was our problem and here are the steps we took to fix it.
