New MAC lab and lion server in a predominantly PC school

[broni]

Hey guys

heres the deal. I was recently promoted to MAC man since i showed interest in cleaning up the mess of macs we had floating around.

I Just bought 14 new iMacs for the school.
and will be upgrading our existing 20 to lion.
So i will have 34 macs running lion.

That is measly to the 1200 or something PCs we have in the school.
So the school is vastly Windows based and all users in the school are through ACTIVE DIRECTORY

I bought a mac mini lion server to handle the macs. and I have it bound to active directory.

So currently i have the following questions.

1. I can log on using a client iMac once i create an admin account and bind that machine itself to Active Directory. Am i supposed to be doing that? or am i supposed to connect it to the server and let the server do the rest? I tried that but i couldn't get passed the log in screen with Active Directory user credentials.

2. If i've done that right, and i simply have to bind each machine to active directory then how to i auto mount network drives on logon? each user should have their own home drive on the the network, as well as some share drives specific to the user.
however when i log on as myself i see zero share drives and no home drive.
Logging on a windows machine maps these drives automatically.
how do i do that on a mac? per user.

3. We have a web proxy that requires credentials to access the web.
I can put these in manually and get on the web, but that requires me saving a username and password in the proxy settings.
This is something else we need to authenticate on logon. So any user in the school can logon and it uses their credentials to get through the proxy.

4. I haven't installed Apple Remote Desktop yet, are the answers in there? or is that simply help desk type solutions. and do i want to install that on the server or my own office mac? or does the one purchase let me put it on both??

Sorry such in depth questions.

Please help.

 

[Foogoofish]

1. Yes, admin account first, then system pref's to bind it to the AD

2. Go into profile manager and select the mount in 'login items' under accounts. Do this for all user groups and it will auto load on log in. You can drag the actual mount point from server desktop to the gui box to get the address right.

3. Not sure about this, but when I was at school we all had our own proxy u/n and password. This is a work around, but there must be a way of having it auto added in. I would go into profile manager... .

4. Apple remote desktop is unlimited use and is the BEST thing ever! Remote Install is the best thing when loading up new comps, as well as monitoring systems etc.. It is a really good investment for the low low price. Also for seeing pesky students not working, or downloading random stuff.


Sorry for the rushed answers - let me know if they are too brief / you want more! On my way to work...or at least I should be!

Foogoo

 

[rwwest7]

Get Casper Suite, ditch Lion Server.

 

[rwwest7]

And for AD home drives to auto map on a Mac they can't be more than one layer deap, ie \\server\sharedfolder\user and NOT \\server\sharedfolder\subfolder\students\user. Their home folder must be in the root of the share. I've found no way to mount other drives, but the home folder will appear in the dock as long it is in the root of the share.

They can get to any share by pressing Command + K with Finder in focus, then type smb://server/share/folder.

As far as Managed Preferences go you are faaaaaaaar better off with Casper Suite than Lion Server. Skip the headache...Lion Server is fragile and will just stop working when it wants to. Casper Suite installed on Server 2008 is rock solid. Casper also gives you App metering, computer usage logging, the ability to push out apps, and countless other benifits. ARD works OK but is not nearly as scalable or reliable as Casper is.

 

[broni]

thanks so much guys. Been a reader here for a long time, and this is my first thread, so i appreciate the help.

I'll try this stuff out today.

 

[kgallagher]

I'd like to know if anything worked out for you with this? I'm in a similar situation and I've tried some of this (save for Casper Suite).

I have a Mac Mini Server running Lion (10.7) on loan. Right now, we only have a handful of Apple computers that have been requested to be put on our network. Eventually, I'd imagine, we'll have more based on requests/approvals. We will be incorporating iOS devices at a more rapid rate.

Here's what I'm looking to do (as of now, just working with devices running the Mac OS X) if you, or anyone else for that matter, can help me out, I'd greatly appreciate it:

• Automount drives on login through profile manager
  • I've tried several ways, using server name, ip address, and fqdn for a Group.
  • When I connect to it with command + k, it works.. just doesn't automount
• Under network, all of our servers are listed no matter who is logged in. I see this as a huge security hole. I can only seem to get this to go away by disabling bonjour, however I've been told that it will probably be integrated into DNS more and more over the next few years. Also, after a reboot, I have to run the command again to hide it. I would like to just not let users see my servers.

Thanks for any and all help on this matter!

 

[mus0r]

I can't comment on Casper, but I use FileWave and found I really like it (once you figure out some of its...unusual nuances).

 

[peoplenamed]

I am also interested in finding a solution to this. I am interning at a school and they are trying to have all the MAC computers connect to user-specific networked drives at log-on. Everything is mapped using windows server 2008. We are using Mountain Lion server.