Help

switching from OD to AD

bfrench
Contributor III

Posted on ‎05-05-2015 09:12 AM

We will be switching from OD to AD this summer. All devices/users were enrolled with OD last year. Some will receive new devices this summer and will re-enroll against AD. But not sure what we need to do with those keeping devices. Remove and re-enroll? Leave as is? We currently do not have any policies set with our OD groupings.

Anyone else gone through this switch with Casper?

B French

0 Kudos
2 REPLIES 2

stevewood
Honored Contributor II
Honored Contributor II

Posted on ‎05-05-2015 09:18 AM

@bfrench I went through this last year with some of my users. I had a mixture of OD and AD users, and I was moving all over to a new AD. I was able to provide a Self Service method for my users to do the move when they had time. I wrote about it over here:

Move Domains

I basically removed the machine from OD (dsconfigldap -r <OD server domain>) and then bound the machines to AD using a policy that called the Casper bind process. I also had to deal with FileVault enabled devices, so you can see that part of the scripts.

Hope that helps.

0 Kudos

andrew_nicholas
Valued Contributor

Posted on ‎05-15-2015 08:52 AM

We just completed something similar to this, but one thing I would add is that we found it better to use find $Directory -user $OldUser -exec chown $UUID:GUID {} ; instead. Large user directories would sometimes not build the chown list fully and so users would miss things. Using find instead was a much more successful implementation for us.

0 Kudos