Description
This payload can be used to join a macOS device to an Active Directory and configure the domain membership options.
| Active Directory (macOS) | Description | Example |
|---|
| Domain |
|
|
| Domain Name | The Active Directory domain to join using FQDN. |
|
| User Name | User name of the account used to join the domain, using user principal name, USER@EXAMPLE.COM |
|
| Password | The password of the account used to join the domain. |
|
| AD organizational Unit | The organizational unit (OU) where the joining computer object is added, using the distinguished name, OU=MACOU,DC=EXAMPLE,DC=COM |
|
| A Mount Style | Network home protocol to use: (afp) or (smb). |
|
| Enable or disable the AD Create Mobile Account At Login key | Description | Value | Default |
|---|
| AD Create Mobile Account At Login | Create mobile account at login. | Boolean | False |
| Enable or disable the AD Warn User Before Creating MA key | Description | Value | Default |
|---|
| AD Warn User Before Creating MA | Warn user before creating a Mobile Account. | Boolean | False |
| Enable or disable the AD Force Home Local key | Description | Value | Default |
|---|
| AD Force Home Local | Force local home directory. | Boolean | False |
| Enable or disable the AD Use Windows UNC Path key | Description | Value | Default |
|---|
| AD Use Windows UNC Path | Use UNC path from Active Directory to derive network home location. | Boolean | False |
| Enable or disable the AD Allow Multi Domain Auth Key | Description | Value | Default |
|---|
| AD Allow Multi Domain Auth | Allow authentication from any domain in the forest. | SingleValue |
| Enable or disable the AD Default User Shell key | Description | Value | Default |
|---|
| AD Default User Shell | Default user shell; e.g. /bin/bash. | SingleValue |
|
| Enable or disable the AD Map UID Attribute key | Description | Value | Default |
|---|
| AD Map UID Attribute | Map UID to attribute. | SingleValue |
|
| Enable or disable the AD Map GID Attribute key | Description | Value | Default |
|---|
| AD Map GID Attribute | Map user GID to attribute. | SingleValue |
|
| Enable or disable the AD Map GGID Attribute key | Description | Value | Default |
|---|
| AD Map GGID Attribute | Map group GID to attribute. | SingleValue |
|
| Enable or disable the AD Preferred DC Server key | Description | Value | Default |
|---|
| AD Preferred DC Server | Prefer this domain server. | SingleValue |
|
| Enable or disable the AD Domain Admin Group List key | Description | Value | Default |
|---|
| AD Domain Admin Group List, separated by semicolons ; | Allow administration by specified Active Directory groups. | SingleValue |
|
| Enable or disable the AD Name space key | Description | Value | Default |
|---|
| AD Name space | Set primary user account naming convention: (forest) or (domain) domain is default. | MultiValue |
|
| Enable or disable the AD Packet Encrypt key | Description | Value | Default |
|---|
| AD Packet Encrypt | Packet encryption: (allow), (disable), (require) or (ssl) allow is default. | MultiValue |
|
| Enable or disable the AD Restrict DDNS key | Description | Value | Default |
|---|
| AD Restrict Dynamic DNS, separated by semicolons ; | Restrict Dynamic DNS updates to the specified interfaces (e.g. en0, en1, etc). | SingleValue |
|
| Enable or disable the AD Trust Change Pass Interval Days key | Description | Value | Default |
|---|
| AD Trust Change Pass Interval Days | How often to require a change of the computer trust account password in days; 0 is disabled. | SingleValue |
|