Part of my post imaging process requires me to manually adjust the custom authentication search policy in Directory Utility. Since all of my users and groups live in Active Directory, we want the machine to look first in AD for a user when they enter their log in credentials by having a custom search policy for authentication where AD is above LDAP. I’ve always wanted a way to either script this out, or use ARD to send a command to do this, instead of manually logging in to each machine after it’s been restored and adjusting this via drag and drop.
When I started using DeployStudio a few years ago, I was hopeful this would find its way in to their AD Bind task. Since I’m still waiting for this to happen, I decided I would beat them to it. (more…)