MCS is currently in the process of migrating it’s directory services from Apple’s Open Directory to Microsoft Active Directory.
First it is important for you to know that this transition was not able to be finished until everyone had returned to school. The reason it had to wait is because it requires each of you to actively participate in this process. (There are some things that just can not be automated – aren’t you glad for that?)
Without going into great detail, everyone has an account right now in both the old directory service (Open Directory) and the NEW (Active Directory). Many of the network services we provide have already been transitioned and are being controlled by the new directory service but as of the date of this post most of you are logged in using the old directory service. The Directory Service is like a customs agent. It checks your passport and credentials before allowing you in. You visit this border crossing every time you log into the network here at school.
In order for you to prepare to use the new directory service, there is one thing you must do. Below outlines the procedure for enabling your directory account so that when we transition your computer to the new domain everything will move smoothly, including the data that you have currently stored on your laptop.
Change your account password in the new domain (Directory Service)
Right now website filtering and using copy machine access are controller by the new directory service. This means that everyone needs to update/enable their new accounts so that they are working properly. This is not as scary as it sounds. To update your account in the new service you simply need to go to any DELL computer and log in:
XP Logon Window
- In the user name box type in your normal account name (i.e.: ppoggione)
- In the password box type the word “change me!” (all lower case and no quotes please and don’t forget the exclamation point)
- From the Log on to drop down box, make sure that mattawanschools is selected.
- Click OK, and the system will automatically prompt you to change your password.
XP change password dialog
be aware that when you change your password, in the “old password” field put in your old password, which for this is “change me!” For your new password enter what you are currently using for your Macbook. After you change the password you can log off the Dell. We don’t need to use the Dell anymore. Incidentally, this is a “one-time” thing that needs to be done during the service migration. This is NOT how you will manage your account passwords in the future.
**IMPORTANT NOTE** Your new password MUST be 5 characters long at a minimum. if the password you use on your Macbook is not at least 5 characters long, you will need to create a new one. Then simply go back and change your Macbook password to match it. You do not have to have the passwords the same, but doing this will make the rest of the migration easier. (more on that in a later post)
Tell the web filtering server who you are
in order for Web filtering to work properly you will need to authenticate (from your macbook) to a different server (Alexander is no longer the directory server). You need to connect to ad1.mattawanschools.org. To do that, when you are in the Finder (click anywhere on your laptop’s desktop and you will be in the “Finder“) Select “Connect To Server” from the “Go” menu (or press Command-K)
Apple Finder: Connect to Server
Note that you are connecting via the smb protocol, so it is important that you enter the information as shown in the image. When you are prompted for a username and password, enter your information and be sure to check the box that says “store this information in my keychain”, then you won’t be prompted for username and password again)
After this you will be able to access Facebook, YouTube and webmail services.
Now that you have enabled your new domain account, you can use your username and password at the copy machines to make copies as well.
Later this week, we will be pushing out an automated script that will transition your laptop to the new domain as well. Once this is done you should not have to manually connect to AD1 (for web filtering) unless your network logon has been disconnected (i.e. taking your laptop home).
This inconvenience was not avoidable and I appreciate your efforts in trying to get this done as soon as possible.
“Always remember that a workaround is not a solution!”