ADmitMac 5.1 - Allow Macs to use directory services in Windows environs. (Demo)

utilities

ADmitMac 5.1

ADmitMac allows Macintosh users to participate in Microsoft networks taking advantage of the directory services provided by Active Directory, NT and Apple\'s Workgroup Manager Directory Services. Administrators can manage their domain users in a consistent way without regard to what kind of computer they use. ADmitMac lets users log into a Macintosh with their domain credentials and then have access to files in their home directory.

ADmitMac is tailored for multi-user, multi-computer scenarios with administrator defined network security. It supports the highest level of security and does not require the downgrading of security when using Windows Server 2003. Kerberos is used to provide secure directory access, thus reducing the risk of unwanted disclosure, spoofing, and man-in-the middle attacks. ADmitMac automatically configures the Macintosh to use Kerberos and obtains the necessary security keys from the domain and performs mutual authentication requiring the server to prove its identify. ADmitMac also works with older NT directory services. All communication with NT domain controllers is performed using SMB/CIFS protocols.

ADmitMac will cache successful user login information for later use. This allows notebook or mobile users to continue using their domain account to log in when their Macintosh is not connected to the domain.

ADmitMac v2.0 includes two major new features: Workgroup Manager plug-ins for both the Mac and PC and AD Commander. The Workgroup Manager plug-ins allow you to integrate Apple\'s Mac OS X Server MCX settings with your Active Directory domain server. And with AD Commander, you can access and update the Administrative Tools on your Active Directory Domain from your Macintosh.

BASIC ADmitMac FEATURES

Administrators can easily manage Macs in their Microsoft Windows domain - without special training.
Installs on the Mac with no Active Directory schema changes required.
Provides secure access using Kerberos.
Provides bi-directional file and printer sharing.
Supports Windows login security restrictions.
Allows users to easily change passwords.
Support for Dfs - home directories can be mounted using Dfs.
Supports NTFS file format - does not create double files.
Preserves users custom desktop and documents no matter which computer they log into.
Offers complete interoperability with Services for Macintosh.
Works with older NT directory services.
Users can mount any shared folder they are allowed to access via the ADmitMac Browser or the Connect to Server...
Perfect for computer labs or corporate networks where security is a major concern.
Provides print client for connecting to Windows printers.

ADVANCED FEATURES

Allows for user login with home directories located on the Macintosh client\'s local hard disk.
Automatically configures Macintosh for use with Kerberos. Kerberos configuration files are generated automatically.
Fully signed and sealed (encrypted) LDAP connections prevent disclosure of user\'s personal information and prevent man-in-the-middle attacks.
Support for SMB signed connections, NTLM SSP, and NTLMv2.
Expired and reset passwords are handled correctly when users log in to the Macintosh desktop.
Caches user credentials for mobile user access when not connected to the network.
Supports browsing for published shares.
Print client can access shared printers. Printers may be configured by browsing the list of printers published in a domain, or manually.
Kerberos credentials are set up automatically when a user logs in. No changes to /etc/authorization are required.
Cross-realm trust with MIT Kerberos.
Support for multiple domains within a forest.
Administrators can choose domain search paths for users, groups, and published printers and shares to limit searches to specific organizational units.
Administrators can choose to give domain members administrative privileges based on their domain group membership.
Administrators can give administrative privileges to the user specified as the Macintosh\'s manager in the domain\'s computer records.
Supports Mac OS X Server service principal names.
Home directories may be located at a path where the user does not have access to the parent folders.
Administrators can utilize Apple\'s Workgroup Manager MCX settings.
The ADmitMac Deployment utility creates custom ADmitMac install packages for multi-computer installations.
Dynamic DNS registration support: the Mac will register it\'s IP addresses with DNS using it\'s computer account name.
The AD Commander tool allows you to edit Active Directory users and groups as if you were using AD Administrator Tools.