OSX Apple Remote Desktop Active Directory Logins From A Windows Client (Remotix)

Written by William Roush on March 25, 2013 at 9:03 pm

A few weeks ago we got our Mac Mini in, quickly got ESXi on it, and proceded to run a handful of OSX VMs on it for various development purposes, mainly servers to test our software on… However I ran into one major issue:

 

How are we to share these machines?

 

I had a few requirements I should lay out first:

  • Needs to be able to authenticate with our local Active Directory server.
  • Needs to obey Apple’s virtual terminal permissions (either requesting shared access or starting a new virtual terminal, not using VNC).
  • Needs to work on Windows (no, can’t just buy a Macbook, defeats the purpose of this setup).

A promising piece of software I stumbled upon was Remotix For Windows, it was a much nicer interface than other VNC products, and boasted integration with OSX logins… score!

However Active Directory logins were failing, and the steps to get them working are a bit cryptic if you don’t know what you’re looking for, and took quite a bit of looking for me to dig up all of the steps required to get it to work. Now I’m going to assume a couple things:

  • You can log in via an Active Directory account on the console of the machine.
  • You have Apple Remote Desktop enabled.

First thing, we need to enable directory logins on Apple Remote Deskop, we’ll enable it by running this:

/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -configure -clientopts -setdirlogins -dirlogins yes

Then we’ll need to grant users access to Apple Remote Desktop by creating a local “ard_admin” group, and tying Active Directory groups to it, we’ll do that by running these two commands:

dseditgroup -o create ard_admin
dseditgroup -o edit -a 'YOURDOMAIN\your_ad_admin_group' -t group ard_admin

At this point I restarted OSX so that the ARD settings took affect.

Now you should be able to fire up Remotix, connect to the machine and provide Active Directory credentials and log in.

 

This entry was posted in Uncategorized and tagged , , on by .

About William Roush

William Roush is currently employed as a Senior Software Developer and independent contractor in Chattanooga, Tennessee. He has more than 12 years of experience in the IT field, with a wide range of exposure including software development, deploying and maintaining virtual infrastructure, storage administration and Windows administration.

2 thoughts on “OSX Apple Remote Desktop Active Directory Logins From A Windows Client (Remotix)

  1. Jen Montes

    I was having trouble getting the native OS X screen sharing to work with Active Directory logins and following these steps worked like a charm. Thank you!

    One thing to note: the first login attempt with the Active Directory user seems to always fail, but all subsequent attempts work. It might be because the new settings don’t take effect until you make at least 1 attempt. Whatever the reason may be, I wanted to document here that it *does* indeed work.

    Reply
    1. William Roush Post author

      Thanks Jen, it has been awhile since I’ve last done this, I’ll make a mental note to keep an eye out for this next time and update the blog with my findings, maybe I somehow overlooked it.

      Glad it worked for you!

      Reply

Leave a Reply to Jen Montes Cancel reply

Your email address will not be published.

Time limit is exhausted. Please reload CAPTCHA.