/
Active Directory Payload macOS

Active Directory Payload macOS

Owned by Martin Gudme Søndergaard
Nov 14, 2023

Description

This payload can be used to join a macOS device to an Active Directory and configure the domain membership options.

Active Directory (macOS)DescriptionExample
Domain

Domain NameThe Active Directory domain to join using FQDN.
User NameUser name of the account used to join the domain, using user principal name, USER@EXAMPLE.COM
PasswordThe password of the account used to join the domain.
AD organizational UnitThe organizational unit (OU) where the joining computer object is added, using the distinguished name, OU=MACOU,DC=EXAMPLE,DC=COM
A Mount StyleNetwork home protocol to use: (afp) or (smb).
Enable or disable the AD Create Mobile Account At Login keyDescriptionValueDefault
AD Create Mobile Account At LoginCreate mobile account at login.BooleanFalse
Enable or disable the AD Warn User Before Creating MA keyDescriptionValueDefault
AD Warn User Before Creating MAWarn user before creating a Mobile Account.BooleanFalse
Enable or disable the AD Force Home Local keyDescriptionValueDefault
AD Force Home LocalForce local home directory.BooleanFalse
Enable or disable the AD Use Windows UNC Path keyDescriptionValueDefault
AD Use Windows UNC PathUse UNC path from Active Directory to derive network home location.BooleanFalse
Enable or disable the AD Allow Multi Domain Auth KeyDescriptionValueDefault
AD Allow Multi Domain AuthAllow authentication from any domain in the forest.SingleValue
Enable or disable the AD Default User Shell keyDescriptionValueDefault
AD Default User ShellDefault user shell; e.g. /bin/bash.SingleValue
Enable or disable the AD Map UID Attribute keyDescriptionValueDefault
AD Map UID AttributeMap UID to attribute.SingleValue
Enable or disable the AD Map GID Attribute keyDescriptionValueDefault
AD Map GID AttributeMap user GID to attribute.SingleValue
Enable or disable the AD Map GGID Attribute keyDescriptionValueDefault
AD Map GGID AttributeMap group GID to attribute.SingleValue
Enable or disable the AD Preferred DC Server keyDescriptionValueDefault
AD Preferred DC ServerPrefer this domain server.SingleValue
Enable or disable the AD Domain Admin Group List keyDescriptionValueDefault
AD Domain Admin Group List, separated by semicolons ;Allow administration by specified Active Directory groups.SingleValue
Enable or disable the AD Name space keyDescriptionValueDefault
AD Name spaceSet primary user account naming convention: (forest) or (domain) domain is default.MultiValue
Enable or disable the AD Packet Encrypt keyDescriptionValueDefault
AD Packet EncryptPacket encryption: (allow), (disable), (require) or (ssl) allow is default.MultiValue
Enable or disable the AD Restrict DDNS keyDescriptionValueDefault
AD Restrict Dynamic DNS, separated by semicolons ;Restrict Dynamic DNS updates to the specified interfaces (e.g. en0, en1, etc).SingleValue
Enable or disable the AD Trust Change Pass Interval Days keyDescriptionValueDefault
AD Trust Change Pass Interval DaysHow often to require a change of the computer trust account password in days; 0 is disabled.SingleValue


For more information on specific features, refer to Apple’s documentation → Apple Configuration Profile Reference

Related content

Active Directory Payload macOS
Active Directory Payload macOS
CapaInstaller 6.2 Documentation Public
More like this
Sysprep_JoinDomain
Sysprep_JoinDomain
CapaInstaller 6.6 Documentation Public
More like this
Sysprep_JoinDomain
Sysprep_JoinDomain
CapaInstaller 6.5 Documentation Public
More like this
Global Security Configuration
Global Security Configuration
CapaInstaller 6.6 Documentation Public
More like this
CapaOne Integrations
CapaOne Integrations
CapaOne Documentation Public
More like this
MDM Service configuration options
MDM Service configuration options
CapaInstaller 6.4 Documentation Public
More like this