School of GeoSciences

School of GeoSciences

Connecting to AD Samba servers from MacOS X

Warning: MacOS 10.5.x (leopard) needs to be updated to at least 10.5.5 to be able to connect to the AD as described below.

Initial Setup

Each machine needs to be configured for use with the Edinburgh AD service. This only needs to be done once.

  • You must be using MacOS X version 10.3.9 or later (but not 10.5.0 - 10.5.4).
  • Ensure your system time is within 5 minutes of "actual time", or the process will fail. You should tell your Mac to automatically set its time, e.g. from Apple's time server or from the Edinburgh network.
  • Open a Terminal (usually found in the Utilities folder).
  • Download and install a suitable krb5.conf by entering the following (then press return):
    sudo curl -o /etc/krb5.conf http://www.geos.ed.ac.uk/it/FAQ/krb5.conf
(Re-)Connecting to the Server(s)

After the initial setup described above has been done once, you should only need this part.

  • Open a terminal (usually found in the Utilities folder - or use the one opened above).
  • Tell the AD service who you are, and prove it. Enter the following in to the terminal, replacing fbloggs with your username:
    kinit fbloggs@ED.AC.UK
    The ED.AC.UK must be in UPPER CASE or it won't work! (Don't forget to press return...)
  • When prompted, enter your AD password (i.e. your MS windows one, usually the same as your EASE password) and press return.
    Generally, if you get no error message, everything has worked.
  • Close the Terminal
  • Switch to the Finder (e.g. click on your desktop).
  • From the "Go" menu choose "Connect to Server".
  • You will want to connect to, for example, smb://fbloggs.home.geos.ed.ac.uk/fbloggs (where fbloggs is your username).

Connecting to file servers via SFTP

You can also connect to our servers using SFTP. In this case you should probably connect to ssh.geos.ed.ac.uk. We have had reports that Cyberduck works well for this.

Warning

Modern Mac's are actually Unix machines, it's possible for you to integrate too well into the network and people will be able to log on to your computer.