How to Join or Bind Mac to a Windows Domain

Last week I received a Mac laptop and before I could install SCCM client on it, I wanted to join or bind Mac to a Windows Domain or AD Domain. To bind a Mac to active directory, you can use the steps covered in this post.

After a long time I was using Mac and honestly, I found it bit difficult to use it. Coming from Windows OS, it takes some time to understand the Mac OS but once you start exploring it, you will find it easy.

Let’s consider an example where your boss calls you into his office and says he got a new laptop. You notice that it’s a Mac and now you have to join this Mac to a Windows domain.

So what do you do now ?. Not to worry, you can join a Mac to your AD domain and I will show you how it’s done. I am currently using Mac OS 10.14 and using this article you can find out your macOS.

Before you Bind or Join a Mac to Active Directory Domain, ensure the Mac is connected to the network. You can either set a static IP address on your Mac or let DHCP assign the IP address to Mac. If your Mac is unable to communicate with domain controller, the domain join will fail.

Steps to Join or Bind a Mac to a Windows Domain

Let me now cover the steps to join or bind a Mac to a Windows or Active Directory Domain. On you Mac, click System Preferences in the Dock, and then select Users & Groups in the System section on your Mac.

How to Join or Bind a Mac to a Windows Domain Snap1

Click the Lock icon and enter an administrator username and password.

How to Join or Bind a Mac to a Windows Domain Snap2

When you enter the right credentials, the lock icon now shows unlocked. You can make the changes now.

How to Join or Bind a Mac to a Windows Domain Snap3

Click Login Options and then click the Join button next to Network Account Server option.

How to Join or Bind a Mac to a Windows Domain Snap4

Click the Open Directory Utility… button.

How to Join or Bind a Mac to a Windows Domain Snap5

You see two options under Service – Active Directory and LDAPv3. However both of them are greyed out. Click the Lock icon and enter an administrator username and password again.

How to Join or Bind a Mac to a Windows Domain Snap6

Select Active Directory, and then click the Pencil icon.

How to Join or Bind a Mac to a Windows Domain Snap7

Enter the Active Directory domain name. You can specify a new computer ID if required. Click Bind.

How to Join or Bind a Mac to a Windows Domain

Specify an account and password that will add this Mac to the domain. Click OK.

Join Mac to Domain

We have successfully joined the Mac to Active Directory domain. Click OK.

Join Mac to Domain

Finally we got the Mac added to the domain. We can now see the domain name next to Network Account Server. Reboot your system to apply the changes.

How to Join or Bind a Mac to a Windows Domain

Prajwal Desai

Hi, I am Prajwal Desai. For last few years, I have been working on multiple technologies such as SCCM / Configuration Manager, Intune, Windows 11, Azure, Security etc. I created this site so that I can share valuable information with everyone.

7 thoughts on “How to Join or Bind Mac to a Windows Domain”

  1. I’m getting error as “Authentication server could not be contacted.” while binding

    I have added DNS with AD sever IP and created krb5.conf file at /etc/krb5.conf
    Still getting error, what could be the issue?

    Reply
  2. Prajwal, I am setting this up remotely, I am able to bind the MAC to the domain with no issue and when I reboot I only get the local user log in. How do I get the domain account to be the login on a user that is remote?

    Reply
    • There’s an option called ‘create a mobile account at login’. Use that. It will prompt you for AD username and password which will be cached in the device.

      Reply

Leave a Comment